Unprivileged user?
Stig Sandbeck Mathisen
ssm at linpro.no
Wed Apr 16 07:50:05 CEST 2008
On Tue, 15 Apr 2008 00:01:17 -0700, Ricardo Newbery <ric at digitalmarbles.com> said:
> In Varnish, does the less-privileged user need access to anything?
After it has dropped root privileges, it needs at least:
* Open new network connections (no problem unless you use MAC or a
uid-matching firewall)
* Read access to where you store your VCL files
* Execute a C compiler
* Write access to its cache directory, to store the compiled
configuration
* Write core dumps
...possibly more.
--
Stig Sandbeck Mathisen, Linpro
More information about the varnish-misc
mailing list