Unprivileged user?
Poul-Henning Kamp
phk at phk.freebsd.dk
Tue Apr 15 09:15:30 CEST 2008
In message <B40B98C4-A36B-479F-BBC3-CD372C5E7CEB at digitalmarbles.com>, Ricardo N
ewbery writes:
>I'm trying to understand the purpose of the "-u user" option for
>varnishd. It appears that even when starting up as root, and the
>child process dropping to "nobody", Varnish is still saving and
>serving from cache even though "nobody" doesn't have read/write access
>to the storage file owned by root.
The file is opened before the cache process drops to nobody, and in
UNIX the access check is performed at open time and not at read/write
time.
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
More information about the varnish-misc
mailing list