Chris Josephes wrote: >> *I think this is a question of fully utilizing SMF security features, >> along with potentially maintaining patches to some of the open source >> code to bypass their own cross-platform security implementation, and >> needing to help users understand why our delivery of a familiar server >> is supposed to operate differently than they are accustomed. >> > > I think there's something that requires clarification here. > > Nothing that I originally proposed requires changing the source code, > maintaining a fork, or contributing patches to the Danga memcache code. It > was only a proposed change to the manifest file and method script. And from > what I can tell, those 2 files aren't even shipped and distrbuted by Danga. > > For example, I could download the current memcache distribution, replace > those two files myself and it would still work perfectly. >
I'm not disputing what you say about memcached, other than the implication that SMF shouldn't be used unless SMF security features and Solaris privileges are used to avoid starting the service as root. My main intention was to point out that some other Web Stack servers integrated into OpenSolaris also run in the usual manner (as on other Unix or Linux) instead of using some combination of Solaris privileges and SMF features to avoid starting as root; thus, if the SMF integration of memcached is really a major problem then some effort is needed to analyze the issues for these other Web Stack components as well.
