Unprivileged user?
Ricardo Newbery
ric at digitalmarbles.com
Tue Apr 15 08:48:57 CEST 2008
On Apr 14, 2008, at 11:25 PM, Florian Engelhardt wrote:
> On Mon, 14 Apr 2008 23:20:11 -0700
> Ricardo Newbery <ric at digitalmarbles.com> wrote:
>
>>
>> On Apr 14, 2008, at 11:03 PM, Per Andreas Buer wrote:
>>
>>> Ricardo Newbery wrote:
>>>> I'm trying to understand the purpose of the "-u user" option for
>>>> varnishd. It appears that even when starting up as root, and the
>>>> child process dropping to "nobody", Varnish is still saving and
>>>> serving from cache even though "nobody" doesn't have read/write
>>>> access to the storage file owned by root.
>>>
>>> In Unix, if you drop privileges, you still have access to all your
>>> open files. Access control happens when you open files. That should
>>> answer the rest of your questions too, I believe.
>>
>> Hmm... maybe I'm missing something but this doesn't seem to answer
>> the main question. If, as you seem to imply, Varnish is opening any
>> files it needs while it's still "root", then what is the purpose of
>> the "-u user" option?
>
> That's the same thing in apache, mysql, ...
> Open every filehandle you need, then drop privileges. In case the
> software is being hacked, it can not damage the system, only the
> opened file pointers and everything the user can do. If the daemon
> would run as root, the hacker could do everything with your computer.
>
> /Flo
Please reread my question. I know why privileges are dropped. That
is not the question.
Ric
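
The point made in the quoted replies (permissions are checked when a file is opened, so descriptors opened before the drop stay usable afterwards), as an added C example that is not part of the original message or of Varnish's code. The names `open_then_drop` and `child_check`, the `/tmp` path and uid/gid 65534 for "nobody" are assumptions; when not run as root, the child revokes the file's mode bits as a stand-in for the privilege drop.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>
#define UNPRIV_ID 65534 /* assumption: uid/gid of "nobody" on this system */

/* Child: give up access to the file, then compare the inherited descriptor
 * with a fresh open(). Exits 0 only if the fd reads and open() is denied. */
static void child_check(int fd, const char *path) {
    char buf[8] = {0};
    if (geteuid() == 0) {
        /* Started as root: a real drop, groups first, then gid, then uid. */
        if (setgroups(0, NULL) || setgid(UNPRIV_ID) || setuid(UNPRIV_ID))
            _exit(3);
    } else if (fchmod(fd, 0) != 0) {
        /* Not root: stand-in for the drop, revoke the owner's mode bits. */
        _exit(3);
    }
    int fd_ok = pread(fd, buf, 6, 0) == 6; /* no permission re-check on an open fd */
    int reopened = open(path, O_RDWR);     /* permissions are checked here */
    int denied = (reopened == -1 && errno == EACCES);
    _exit(fd_ok && denied ? 0 : 1);
}

/* Returns 0 if an fd opened before losing access still reads while open() is refused. */
int open_then_drop(void) {
    char path[] = "/tmp/storage-demo-XXXXXX"; /* constructed stand-in for the storage file */
    int fd = mkstemp(path);                   /* created with mode 0600 */
    if (fd == -1 || write(fd, "cached", 6) != 6) return 2;
    pid_t pid = fork();
    if (pid == -1) return 2;
    if (pid == 0) child_check(fd, path);
    int status = 0;
    waitpid(pid, &status, 0);
    close(fd);
    unlink(path);
    return WIFEXITED(status) ? WEXITSTATUS(status) : 2;
}

int main(void) {
    int rc = open_then_drop();
    puts(rc == 0 ? "inherited fd readable, reopen denied" : "unexpected result");
    return rc;
}
```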