ric at digitalmarbles.com
Tue Apr 15 10:10:21 CEST 2008
On Apr 15, 2008, at 12:31 AM, Michael S. Fischer wrote:
> On Tue, Apr 15, 2008 at 12:25 AM, Ricardo Newbery
> <ric at digitalmarbles.com> wrote:
>> Assuming that "nobody" is an available user on your system, then is
>> the "-u user" option for varnishd superfluous?
> Who's to say that "nobody" is an unprivileged user?
> nobody:*:0:0:alias for root:...
> Well-engineered software doesn't make potentially false assumptions
> about the environment in which it runs.
Geez Michael... this is unnecessarily snarky.
Anyone that redefines "nobody" in this way is just asking for
trouble. But in any case, I'm not suggesting that this option is
superfluous in the general case. I'm just trying to find out whether,
in the ordinary scenario, I need to concern myself with the access
privileges of the less-privileged user -- as is the case in many other
apps that do this, like Apache or Varnish.
More information about the varnish-misc