Unprivileged user?

Ricardo Newbery ric at digitalmarbles.com
Tue Apr 15 08:20:11 CEST 2008

On Apr 14, 2008, at 11:03 PM, Per Andreas Buer wrote:

> Ricardo Newbery skrev:
>> I'm trying to understand the purpose of the "-u user" option for
>> varnishd.  It appears that even when starting up as root, and the
>> child process dropping to "nobody", Varnish is still saving and
>> serving from cache even though "nobody" doesn't have read/write  
>> access
>> to the storage file owned by root.
> In Unix, if you drop privileges, you still have access to all your  
> open
> files. Access control happens when you open files. That should answer
> the rest of your questions too, I believe.

Hmm... maybe I'm missing something but this doesn't seem to answer the  
main question.  If, as you seem to imply, Varnish is opening any files  
it needs while it's still "root", then what is the purpose of the "-u  
user" option?


More information about the varnish-misc mailing list