[Varnish] #1482: [PATCH]: initialize supplementary groups before setuid()
Varnish
varnish-bugs at varnish-cache.org
Tue Apr 22 10:52:47 CEST 2014
#1482: [PATCH]: initialize supplementary groups before setuid()
-------------------------+----------------------------------------
Reporter: idl0r | Owner: Poul-Henning Kamp <phk@…>
Type: enhancement | Status: closed
Priority: normal | Milestone:
Component: build | Version: trunk
Severity: normal | Resolution: fixed
Keywords: |
-------------------------+----------------------------------------
Changes (by Poul-Henning Kamp <phk@…>):
* owner: => Poul-Henning Kamp <phk@…>
* status: new => closed
* resolution: => fixed
Comment:
In [3599490aed5524ea19a63cf488a60dc8ddb59365]:
{{{
#!CommitTicketReference repository=""
revision="3599490aed5524ea19a63cf488a60dc8ddb59365"
One may have gcc or other things restricted, so that e.g. only a
specific user and/or group may execute it. Varnish never inherited
the groups of the user that has been specified by "-u". initgroups()
will make sure that varnish gets all supplementary groups.
Submitted by: Christian Ruppert
Fixes #1482
}}}
--
Ticket URL: <https://www.varnish-cache.org/trac/ticket/1482#comment:2>
Varnish <https://varnish-cache.org/>
The Varnish HTTP Accelerator
More information about the varnish-bugs
mailing list