Unprivileged user?
Ricardo Newbery
ric at digitalmarbles.com
Tue Apr 15 09:01:17 CEST 2008
On Apr 14, 2008, at 11:25 PM, Per Andreas Buer wrote:
> Ricardo Newbery wrote:
>
>> Hmm... maybe I'm missing something but this doesn't seem to answer the
>> main question. If, as you seem to imply, Varnish is opening any files
>> it needs while it's still "root", then what is the purpose of the "-u
>> user" option?
>
> I'm guessing Varnish (like most Unix daemons) opens the file as root and
> then drops its privileges. That way, when Varnish deals with the
> untrusted data coming from the network it runs as an unprivileged user.
>
> So, if there is a buffer overflow in Varnish, the code won't run with
> root privileges.
>
> Per.

Again, this is *not* my question. Of course dropping privileges is a
standard practice for daemons that need temporary elevated privileges.
But this does not explain the purpose that the "-u user" option serves
in the Varnish case... other than perhaps to provide another option in
case the standard default "nobody" is not available for some reason.

In Apache, the less-privileged user still needs read access to the
files it serves. In Squid, the less-privileged user still needs write
access to the cache directory in order to create the cache storage.

In Varnish, does the less-privileged user need access to anything?

Ric
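
The open-then-drop pattern discussed in this message, as an added example (not part of the original post and not Varnish's code): access is checked when open() is called, so a descriptor obtained before the drop stays usable even where the unprivileged user could not open the path itself. The names drop_privileges and open_then_drop, the temporary file, and the use of 65534 as the "nobody" uid/gid are assumptions made for the illustration.

```c
#define _DEFAULT_SOURCE                 /* for setgroups() on glibc */
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Permanently switch to uid/gid. Groups go first: after setuid() the
 * process no longer has the right to change them. */
static int drop_privileges(uid_t uid, gid_t gid)
{
    if (geteuid() == 0 && setgroups(1, &gid) != 0)   /* only root may call it */
        return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    if (uid != 0 && setuid(0) == 0)                  /* must not be reversible */
        return -1;
    return (getuid() == uid && geteuid() == uid && getegid() == gid) ? 0 : -1;
}

/* Open path with the starting privileges, drop, then read via the old fd.
 * Returns bytes read or -1; *reopen_errno is errno of a fresh open() after
 * the drop (0 if that open succeeded). */
static ssize_t open_then_drop(const char *path, uid_t uid, gid_t gid,
                              char *buf, size_t len, int *reopen_errno)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    if (drop_privileges(uid, gid) != 0) { close(fd); return -1; }
    int fd2 = open(path, O_RDONLY);                  /* checked against new ids */
    *reopen_errno = fd2 < 0 ? errno : 0;
    if (fd2 >= 0) close(fd2);
    ssize_t n = read(fd, buf, len);                  /* old fd keeps working */
    close(fd);
    return n;
}

int main(void)
{
    char path[] = "/tmp/privdrop-XXXXXX", buf[64] = {0};
    int tmp = mkstemp(path), err = 0, root = geteuid() == 0;  /* mode 0600 */
    if (tmp < 0 || write(tmp, "constructed sample\n", 19) != 19)
        return 1;
    close(tmp);
    /* Assumption: 65534 is the "nobody" uid/gid when started as root. */
    ssize_t n = open_then_drop(path, root ? 65534 : getuid(),
                               root ? 65534 : getgid(), buf, sizeof buf - 1, &err);
    printf("uid=%d read=%zd reopen_errno=%d\n", (int)getuid(), n, err);
    return n < 0;
}
```

Started as root, the read through the old descriptor succeeds while the fresh open() after the drop fails with EACCES; started as an ordinary user, the drop is a no-op and both succeed.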