This is an automated email from the ASF dual-hosted git repository.
wwbmmm pushed a commit to branch release-1.14
in repository https://gitbox.apache.org/repos/asf/brpc.git
The following commit(s) were added to refs/heads/release-1.14 by this push:
new 9049685d improve server and redis docs
9049685d is described below
commit 9049685d0b98f8f9c399ec625304ef77df30563a
Author: wwbmmm <wwb...@163.com>
AuthorDate: Sat Aug 2 16:43:47 2025 +0800
improve server and redis docs
---
docs/cn/redis_client.md | 2 ++
docs/cn/server.md | 6 +++++-
docs/en/redis_client.md | 2 ++
docs/en/server.md | 6 +++++-
4 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/docs/cn/redis_client.md b/docs/cn/redis_client.md
index 52409706..48873c9f 100644
--- a/docs/cn/redis_client.md
+++ b/docs/cn/redis_client.md
@@ -126,6 +126,8 @@ bool AddCommandByComponents(const butil::StringPiece*
components, size_t n);
格式和hiredis基本兼容:即%b对应二进制数据(指针+length),其他和printf的参数类似。对一些细节做了改进:当某个字段包含空格时,使用单引号或双引号包围起来会被视作一个字段。比如AddCommand("Set
'a key with space' 'a value with space as well'")中的key是a key with
space,value是a value with space as well。在hiredis中必须写成redisvCommand(..., "SET %s
%s", "a key with space", "a value with space as well");
+>
注意,AddCommand和AddCommandV的fmt参数如果设置错误,有可能导致程序crash或者数据泄露,请谨慎设置。不应将受用户输入影响的内容作为fmt参数进行调用!
+
AddCommandByComponents类似hiredis中的redisCommandArgv,用户通过数组指定命令中的每一个部分。这个方法对AddCommand和AddCommandV可能发生的转义问题免疫,且效率最高。如果你在使用AddCommand和AddCommandV时出现了“Unmatched
quote”,“无效格式”等问题且无法定位,可以试下这个方法。
如果AddCommand\*失败,后续的AddCommand\*和CallMethod都会失败。一般来说不用判AddCommand*的结果,失败后自然会通过RPC失败体现出来。
diff --git a/docs/cn/server.md b/docs/cn/server.md
index 9a31aa71..bbce8522 100644
--- a/docs/cn/server.md
+++ b/docs/cn/server.md
@@ -675,7 +675,7 @@ server.MaxConcurrencyOf("example.EchoService.Echo") =
"auto";
pthread模式可以让一些老代码快速尝试brpc,但我们仍然建议逐渐地把代码改造为使用bthread local或最好不用TLS,从而最终能关闭这个开关。
-## 安全模式
+## 安全
如果你的服务流量来自外部(包括经过nginx等转发),你需要注意一些安全因素:
@@ -714,6 +714,10 @@ curl -s -m 1
<HOSTNAME>:<PORT>/flags/enable_dir_service,enable_threads_service |
可以考虑对server地址做签名。比如在设置ServerOptions.internal_port后,server返回的错误信息中的IP信息是其MD5签名,而不是明文。
+### 不以root用户启动brpc进程
+
+由于brpc在运行过程中会写入各种文件(如server pid文件、rpcz、rpc
dump、profiling等),如果brpc以root用户运行,攻击者可能利用这一特性进行文件的越权写入。因此,无论brpc是否对外提供网络服务,都不建议以root用户启动brpc进程。
+
## 定制/health页面
/health页面默认返回"OK",若需定制/health页面的内容:先继承[HealthReporter](https://github.com/apache/brpc/blob/master/src/brpc/health_reporter.h),在其中实现生成页面的逻辑(就像实现其他http
service那样),然后把实例赋给ServerOptions.health_reporter,这个实例不被server拥有,必须保证在server运行期间有效。用户在定制逻辑中可以根据业务的运行状态返回更多样的状态信息。
diff --git a/docs/en/redis_client.md b/docs/en/redis_client.md
index 0ab1694d..093868b6 100644
--- a/docs/en/redis_client.md
+++ b/docs/en/redis_client.md
@@ -127,6 +127,8 @@ bool AddCommandByComponents(const butil::StringPiece*
components, size_t n);
Formatting is compatible with hiredis, namely `%b` corresponds to binary data
(pointer + length), others are similar to those in `printf`. Some improvements
have been made such as characters enclosed by single or double quotes are
recognized as one field regardless of the spaces inside. For example,
`AddCommand("Set 'a key with space' 'a value with space as well'")` sets value
`a value with space as well` to key `a key with space`, while in hiredis the
command must be written as `redisvC [...]
+> Note that if the `fmt` parameter of `AddCommand` and `AddCommandV` is set
incorrectly, it may cause the program to crash or lead to data leakage. Please
set it with caution. Should not use user input-influenced content as the `fmt`
parameter!
+
`AddCommandByComponents` is similar to `redisCommandArgv` in hiredis. Users
specify each part of the command in an array, which is immune to escaping
issues often occurring in `AddCommand` and `AddCommandV`. If you encounter
errors such as "Unmatched quote" or "invalid format" when using `AddCommand`
and `AddCommandV`, try this method.
If `AddCommand*` fails, subsequent `AddCommand*` and `CallMethod` also fail.
In general, there is no need to check return value of `AddCommand*`, since the
RPC fails directly anyway.
diff --git a/docs/en/server.md b/docs/en/server.md
index e49f8512..b7edd647 100644
--- a/docs/en/server.md
+++ b/docs/en/server.md
@@ -669,7 +669,7 @@ Performance issues when pthread mode is on:
pthread-mode lets legacy code to try brpc more easily, but we still recommend
refactoring the code with bthread-local or even remove TLS gradually, to turn
off the option in future.
-## Security mode
+## Security
If requests are from public(including being proxied by nginx etc), you have to
be aware of some security issues.
@@ -709,6 +709,10 @@ brpc::WebEscape() escapes url to prevent injection attacks
with malice.
Consider returning signatures of the addresses. For example after setting
ServerOptions.internal_port, addresses in error information returned by server
is replaced by their MD5 signatures.
+### Not start the brpc process as the root user
+
+During its operation, brpc writes various files (such as server pid files,
rpcz, rpc dump, profiling, etc.). If brpc runs as the root user, attackers may
exploit this feature to perform unauthorized file writes. Therefore, regardless
of whether brpc provides network services or not, it is not recommended to
start the brpc process as the root user.
+
## Customize /health
/health returns "OK" by default. If the content on /health needs to be
customized: inherit
[HealthReporter](https://github.com/apache/brpc/blob/master/src/brpc/health_reporter.h)
and implement code to generate the page (like implementing other http
services). Assign an instance to ServerOptions.health_reporter, which is not
owned by server and must be valid during lifetime of the server. Users may
return richer healthy information according to application requirements.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@brpc.apache.org
For additional commands, e-mail: dev-h...@brpc.apache.org
