Thinking about sandboxing (take #2)

Poul-Henning Kamp phk at
Mon Feb 16 09:07:16 CET 2015

In message <54DCA333.5010001 at>, Nils Goroll writes:

>Yes, and there is further complication from vmods - so we might need to make the
>worker privset user-configurable to allow for vmods requiring elevated privileges.

And this is where I think complications exceed benefit...

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

More information about the varnish-dev mailing list