Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 




      :: nginx-ru
Nginx-ru mailing list archive (nginx-ru@sysoev.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] Start use capabilities on linux


On Wed, Mar 18, 2009 at 12:36:47AM +0300, Kirill A. Korinskiy wrote:

> From: Kirill A. Korinskiy <catap@xxxxxxxx>
> The nginx required privilege mode only on master process and only bind
> ports <1024. In linux proccess can bind ports <1024 in not privilege
> mode if the process does capset(CAP_NET_BIND_SERVICE).

Note that using root for master process needed not only for 
bind(), but also to access restricted configuration files (e.g.  
private keys) during reconfiguration.  So dropping root from 
master should be at least configurable.

It's also not clear what will happen on binary upgrade.  Looks 
like with current code capabilities will be lost on exec() and 
upgraded binary won't be able to bind() privileged ports anymore.  
But I'm not really familiar will linux capabilites interface, so I 
may be wrong.

Not even mentioning you are dropping root before writing pidfile. 

Also there is a couple of unrelated changes and some whitespace 
damage/style violations, but it doesn't really matter.

Maxim Dounin


Copyright © Lexa Software, 1996-2009.