On 25-abr-09, at 12:11, Stefan de Konink wrote: > On Sat, 25 Apr 2009, Alvaro Lopez Ortega wrote: > >> This means that, even if cherokee-worker (the actual web server) was >> running as nobody, it was able to spawn a new PHP fastcgi daemon >> running as the www-data user. >> >> If you guys have the chance, give it a try. I'd love to get feedback >> from you before releasing 0.99.12. The change has been quite big, and >> I wouldn't like to introduce any regression in the upcoming release. > > What did you do to prevent executable code to execute the spawn > function?
What do you mean by executable code? Cherokee-worker is the only process that can access the spawning mechanism. No other external process can interfere with the spawning (except of other root processes of course). > Is it possible to explictly disable respawn as root at configure? > (Stack > initialisation of non-zero etc.) r3169 has fixed the problem - I knew I needed some feedback for a reason. :-) -- Octality http://www.octality.com/ _______________________________________________ Cherokee mailing list [email protected] http://lists.octality.com/listinfo/cherokee
