Nils Goroll authored
Also (re)used to make fork privileges available when we start a subprocess: As we are going to apply the JAIL_SUBPROC privileges to the forked process, having slightly elevated privileges only across the fork() should not cause any harm.

This concludes the current series of Solaris jail patches, hopefully. With this commit, varnishd started with pfexec ("root privileges") keeps the following privileges only (ppriv -v output) on Solaris:

* master::

        flags = PRIV_AWARE
        E: file_read,file_write,net_access
        I: none
        P: file_read,file_write,net_access,net_privaddr,proc_exec,proc_fork,proc_info,proc_owner,proc_setid
        L: file_read,file_write,net_access,net_privaddr,proc_exec,proc_fork,proc_info,proc_owner,proc_setid

  notes:

        E: file_read is required for basic config files like /etc/netconfig
           net_access is required for CLI communication
           file_write could potentially be removed if any file write
           operations (e.g. writing vcl files) were wrapped with
           JAIL_MASTER_FILE, but I do not consider this a relevant gain
           for now.
           For other master jail states, E will be momentarily expanded.
        I: will be momentarily expanded for system()
        P: Contains the union of all privileges used anywhere in varnish
        L: Could potentially be reduced further, but P already limits

* worker::

        flags = PRIV_AWARE
        E: file_read,file_write,net_access
        I: none
        P: file_read,file_write,net_access,proc_info
        L: file_read,file_write,net_access,proc_info,proc_setid

  proc_setid is only used when the worker starts and then dropped

  proc_info is only used by vmod_unix

Name | Last commit | Last update |
---|---|---|
.. | ||
cache | ||
common | ||
fuzzers | ||
hash | ||
hpack | ||
http1 | ||
http2 | ||
mgt | ||
proxy | ||
storage | ||
waiter | ||
Makefile.am | ||
VSC_lck.vsc | ||
VSC_main.vsc | ||
VSC_mempool.vsc | ||
VSC_mgt.vsc | ||
VSC_sma.vsc | ||
VSC_smf.vsc | ||
VSC_smu.vsc | ||
VSC_vbe.vsc | ||
builtin.vcl | ||
flint.lnt | ||
flint.sh | ||
vclflint.lnt | ||
vclflint.sh |