[Varnish] #1663: Both chmod 0755 and chown mgmt.uid used
Varnish
varnish-bugs at varnish-cache.org
Wed Jan 21 19:45:00 CET 2015
#1663: Both chmod 0755 and chown mgmt.uid used
------------------------+----------------------
Reporter: puiterwijk | Type: defect
Status: new | Priority: normal
Milestone: | Component: varnishd
Version: trunk | Severity: normal
Keywords: |
------------------------+----------------------
For ticket #1072, a line was added to mgmt_vcc.c to chmod the output VCL
library to 0755 (commit ee4396), saying that you didn't want to rely on
the file ownership being the unprivileged user.
Later on, for ticket #1153, this has seemingly be reconsidered, and the
file is now given a fchown to the unprivileged user (commit b7175b).
The problem now is that since the file is no longer owner by the user
running the management process (it's now owned by the unprivileged user,
while the management process is running as root), it requires the fowner
(file owner) linux kernel permission.
Would it be required to do both, or would just the fchown suffice, as then
it would require less permissions?
--
Ticket URL: <https://www.varnish-cache.org/trac/ticket/1663>
Varnish <https://varnish-cache.org/>
The Varnish HTTP Accelerator
More information about the varnish-bugs
mailing list