Unprivileged user?

Poul-Henning Kamp phk at phk.freebsd.dk
Tue Apr 15 10:16:08 CEST 2008


In message <86db848d0804150031u56d04f2el347f6200daad766d at mail.gmail.com>, "Mich
ael S. Fischer" writes:

>On Tue, Apr 15, 2008 at 12:25 AM, Ricardo Newbery
><ric at digitalmarbles.com> wrote:
>>  Assuming that "nobody" is an available user on your system, then is
>>  the "-u user" option for varnishd superfluous?
>
>Who's to say that "nobody" is an unprivileged user?
>
>/etc/passwd:
>
>nobody:*:0:0:alias for root:...
>
>Well-engineered software doesn't make potentially false assumptions
>about the environment in which it runs.

And they don't.

Varnish for instance assumes that the administrator is not a total
madman, who would do something as patently stupid as you prospose
above, under the general assumption that if he were, varnish would
be the least of his troubles.

Can we be a bit serious here ?

Thanks.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.



More information about the varnish-misc mailing list