Nginx-ru mailing list archive (nginx-ru@sysoev.ru)


Re: [PATCH] Start use capabilities on linux



Hello!

On Wed, Mar 18, 2009 at 12:36:47AM +0300, Kirill A. Korinskiy wrote:

> From: Kirill A. Korinskiy <catap@xxxxxxxx>
> 
> The nginx required privilege mode only on master process and only bind
> ports <1024. In linux process can bind ports <1024 in not privilege
> mode if the process does capset(CAP_NET_BIND_SERVICE).

Note that using root for the master process is needed not only for
bind(), but also to access restricted configuration files (e.g.
private keys) during reconfiguration.  So dropping root from the
master should be at least configurable.

It's also not clear what will happen on binary upgrade.  Looks
like with the current code capabilities will be lost on exec() and
the upgraded binary won't be able to bind() privileged ports anymore.
But I'm not really familiar with the Linux capabilities interface, so I
may be wrong.

Not even mentioning you are dropping root before writing the pidfile.
:)

Also there are a couple of unrelated changes and some whitespace
damage/style violations, but it doesn't really matter.

Maxim Dounin
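
The binary-upgrade question raised in the reply above, worked through as an added example (not code from the patch or from nginx): it applies the execve() transformation rules documented in capabilities(7) to a non-root process that holds CAP_NET_BIND_SERVICE. The `survives_exec` helper and its three scenarios are constructed for illustration; ambient capabilities exist only since Linux 4.3, so they were not available when this thread was written.

```c
#include <stdint.h>
#include <stdio.h>

/* Bit number 10 is CAP_NET_BIND_SERVICE in <linux/capability.h>. */
#define NET_BIND ((uint64_t)1 << 10)

struct proc_caps { uint64_t permitted, inheritable, effective, bounding, ambient; };
struct file_caps { uint64_t permitted, inheritable; int effective; };

/* execve() rules from capabilities(7) for a non-root process.
 * Not modelled: the uid 0 special cases and set-uid/set-gid binaries. */
static struct proc_caps caps_after_exec(struct proc_caps p, struct file_caps f)
{
    struct proc_caps n;
    int file_privileged = (f.permitted | f.inheritable) != 0;

    n.ambient     = file_privileged ? 0 : p.ambient;
    n.permitted   = (p.inheritable & f.inheritable) | (f.permitted & p.bounding) | n.ambient;
    n.effective   = f.effective ? n.permitted : n.ambient;
    n.inheritable = p.inheritable;
    n.bounding    = p.bounding;
    return n;
}

/* Constructed scenario: a master that dropped root but kept CAP_NET_BIND_SERVICE,
 * then exec()s the upgraded binary. Returns 1 if the new image can still bind <1024. */
int survives_exec(int raise_ambient, int file_has_cap)
{
    struct proc_caps p = { NET_BIND, 0, NET_BIND, ~(uint64_t)0, 0 };
    struct file_caps f = { 0, 0, 0 };

    if (raise_ambient) {          /* ambient needs the bit in permitted and inheritable */
        p.inheritable = NET_BIND;
        p.ambient = NET_BIND;
    }
    if (file_has_cap) {           /* as if the binary carried cap_net_bind_service=ep */
        f.permitted = NET_BIND;
        f.effective = 1;
    }
    return (caps_after_exec(p, f).effective & NET_BIND) != 0;
}

int main(void)
{
    printf("plain exec:        %d\n", survives_exec(0, 0));
    printf("ambient raised:    %d\n", survives_exec(1, 0));
    printf("file capabilities: %d\n", survives_exec(0, 1));
    return 0;
}
```

With neither ambient nor file capabilities, the permitted and effective sets come out empty after exec(), so the upgraded binary of an unprivileged master cannot bind privileged ports.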



 




Copyright © Lexa Software, 1996-2009.