Unprivileged user?
Ricardo Newbery
ric at digitalmarbles.com
Tue Apr 15 08:20:11 CEST 2008
On Apr 14, 2008, at 11:03 PM, Per Andreas Buer wrote:
> Ricardo Newbery skrev:
>> I'm trying to understand the purpose of the "-u user" option for
>> varnishd. It appears that even when starting up as root, and the
>> child process dropping to "nobody", Varnish is still saving and
>> serving from cache even though "nobody" doesn't have read/write
>> access
>> to the storage file owned by root.
>
> In Unix, if you drop privileges, you still have access to all your
> open
> files. Access control happens when you open files. That should answer
> the rest of your questions too, I believe.
Hmm... maybe I'm missing something but this doesn't seem to answer the
main question. If, as you seem to imply, Varnish is opening any files
it needs while it's still "root", then what is the purpose of the "-u
user" option?
Ric
More information about the varnish-misc
mailing list