Ricardo Newbery skrev: > Hmm... maybe I'm missing something but this doesn't seem to answer the > main question. If, as you seem to imply, Varnish is opening any files > it needs while it's still "root", then what is the purpose of the "-u > user" option?
I'm guessing Varnish (like most Unix daemons) opens the file as root and then drops its privileges. That way, when Varnish deals with the untrusted data coming from the network it runs as an unprivileged user. So, I there is a buffer overflow in Varnish, the code won't run with root privileges. Per. _______________________________________________ varnish-misc mailing list [email protected] http://projects.linpro.no/mailman/listinfo/varnish-misc
