Actions
Bug #1336
closedserver.username & server.groupname
Status:
Wontfix
Priority:
Normal
Category:
core
Target version:
-
ASK QUESTIONS IN Forums:
Description
Currently, server.username sets only the user and server.groupname sets only the group.
This means that if lighttpd is started as root, both server.username and server.groupname must be specified in order for lighttpd to drop privileges.
It also means that there is no facility to set a group list.
I propose updating the server.username and server.groupname logic as follows:
if server.groupname is set {
setgroups( to specified group )
setgid( to specified group )
}
elseif server.username is set {
setgroups( to group list for specified user )
setgid( to group for specified user )
}
if server.username is set {
setuid( to specified user )
}I am willing to write a patch if the logic is agreeable.
-- daniel.kauffman
Updated by stbuehler over 15 years ago
- Status changed from New to Fixed
- Resolution set to wontfix
You have to specify username and the primary group you want, initgroups is used to set the other groups a user is in. perhaps we could use the default primary group of a user if no group is given. (such a patch would probably get accepted).
Updated by gstrauss about 8 years ago
- Related to Bug #2725: server.groupname not required with server.username added
Updated by gstrauss about 8 years ago
- Related to deleted (Bug #2725: server.groupname not required with server.username)
Updated by gstrauss about 8 years ago
- Related to Bug #2725: server.groupname not required with server.username added
Actions
Also available in: Atom