On Apr 14, 2008, at 11:25 PM, Per Andreas Buer wrote:

> Ricardo Newbery wrote:
>
>> Hmm... maybe I'm missing something but this doesn't seem to answer the
>> main question. If, as you seem to imply, Varnish is opening any files
>> it needs while it's still "root", then what is the purpose of the "-u
>> user" option?
>
> I'm guessing Varnish (like most Unix daemons) opens the file as root and
> then drops its privileges. That way, when Varnish deals with the
> untrusted data coming from the network it runs as an unprivileged user.
>
> So, if there is a buffer overflow in Varnish, the code won't run with
> root privileges.
>
> Per.

Again, this is *not* my question. Of course dropping privileges is a
standard practice for daemons that need temporary elevated privileges.
But this does not explain the purpose that the "-u user" option serves
in the Varnish case... other than perhaps to provide another option in
case the standard default "nobody" is not available for some reason.

In Apache, the less-privileged user still needs read access to the
files it serves. In Squid, the less-privileged user still needs write
access to the cache directory in order to create the cache storage.

In Varnish, does the less-privileged user need access to anything?

Ric

_______________________________________________
varnish-misc mailing list
[email protected]
http://projects.linpro.no/mailman/listinfo/varnish-misc
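The general daemon pattern discussed in this thread (acquire resources as root, then drop privileges before handling network data), as an added C example; it is not Varnish code and not from either poster. The uid/gid 65534 and the command-line path argument are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently switch to uid/gid. Returns 0 on success, -1 on any failure. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0)        /* a root target is a configuration error */
        return -1;
    if (setgroups(0, NULL) != 0)     /* clear root's supplementary groups */
        return -1;
    if (setgid(gid) != 0)            /* group first: not permitted after setuid */
        return -1;
    if (setuid(uid) != 0)            /* as root: real, effective and saved uid */
        return -1;
    if (setuid(0) == 0 || seteuid(0) == 0)   /* regaining root must fail */
        return -1;
    return (getuid() == uid && geteuid() == uid &&
            getgid() == gid && getegid() == gid) ? 0 : -1;
}

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s <file only root can read>\n", argv[0]);
        return 2;
    }
    int fd = open(argv[1], O_RDONLY);          /* opened while still root */
    if (fd < 0) { perror("open as root"); return 1; }

    /* 65534 is an assumed "nobody" id; look the real one up with getpwnam(). */
    if (drop_privileges(65534, 65534) != 0) {
        fprintf(stderr, "privilege drop failed, refusing to continue\n");
        return 1;
    }
    char buf[16];
    ssize_t n = read(fd, buf, sizeof buf);     /* inherited descriptor still works */
    int again = open(argv[1], O_RDONLY);       /* a fresh open is now refused */
    printf("read on old fd: %zd bytes, reopen: %s\n",
           n, again < 0 ? "denied" : "allowed");
    return (n >= 0 && again < 0) ? 0 : 1;
}
```

Started as root with the path of a root-only file, the program shows that a descriptor obtained before the drop keeps working while a new open by the unprivileged user is denied.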
