Thank you for your suggestion, but there is already a simple solution: run the backend service independently from lighttpd and have the backend service create the socket with desired ownership, rather than having lighttpd do so.
[Edit: I misread the patch; it is not for a backend. Still, there are external solutions, such as running lighttpd as the target user and creating the socket within a directory containing appropriately restricted permissions, or having systemd socket activation create the listening socket with the desired permissions.]
Since you submitted some code, here is some feedback on the code, though your code will not be accepted into lighttpd:
- before flinging code at another site, it is often a good idea to ask questions in the forums to find out the feasibility of the patch
- before flinging code at another site, it is often a good idea to see if someone else has already done what you are trying to do
- someone made a similar suggestion in 2017 for lighttpd 1.4.46: https://pastebin.com/1xgUMaGS
- before flinging code at another site, take a look to see how contributions are accepted
- as @stbuehler noted, a unified diff is required here (and you subsequently attached one, so thank you). I have never seen .h_dif or .c_diff file extensions.
- your code is unix-centric without making appropriate compile time tests. <pwd.h> and <grp.h> headers might not be present, and subsequently their associated function calls
- e.g. lighttpd server.c tests #ifdef HAVE_PWD_H
- your code is unix-centric and assumes lighttpd is running as root, but does not check that
- e.g. lighttpd server.c tests #ifdef HAVE_GETUID and checks (0 == getuid())
- your code has numerous simple mistakes, which is sloppy for such a small patch
- your code issues log trace but fails to emit a fatal error if getpwnam, getgrnam, or chown fail. That is a clear failure in secure coding practices.
- your code makes a mistake in its checking, which can lead to a server crash at startup when s->socket_user or s->socket_group are not set.
if ((!buffer_string_is_empty(s->socket_perms)) && (!buffer_string_is_empty(s->socket_perms))){
I think you meant if ((!buffer_string_is_empty(s->socket_user)) && (!buffer_string_is_empty(s->socket_group))){
(It is clear that you did not test your code without those directives set)
- your code has multiple obvious whitespace inconsistencies
- your code has one misspelling of "unabe" ("unable")
I create little patch maybe he will be useful to someone else.
Please post such things to the Forums. See that "Forums" tab at the top of the page.
If you would like to discuss this further, please post in the Forums and reference this page. Further posts here may be ignored.
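An added example (not from the submitted patch and not lighttpd code) of the error handling the review asks for: each directive is tested on its own, and a failed getpwnam, getgrnam, or chown is returned to the caller as a fatal error. The function name socket_set_owner and its parameters are hypothetical, and the block assumes a POSIX system where <pwd.h> and <grp.h> exist, which lighttpd itself guards with compile time tests such as HAVE_PWD_H.

```c
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

static int is_set(const char *s) { return s != NULL && *s != '\0'; }

/* Hypothetical helper: apply an optional owner and group to a socket path.
 * Returns 0 on success or when neither is set, -1 on any failure so that
 * the caller can abort startup instead of continuing with wrong ownership. */
int socket_set_owner(const char *path, const char *user, const char *group)
{
    uid_t uid = (uid_t)-1;  /* -1 tells chown() to leave the owner unchanged */
    gid_t gid = (gid_t)-1;  /* -1 tells chown() to leave the group unchanged */

    if (!is_set(user) && !is_set(group)) return 0;  /* nothing configured */
    if (is_set(user)) {      /* user and group are checked independently */
        struct passwd *pw = getpwnam(user);
        if (pw == NULL) {
            fprintf(stderr, "unable to resolve user \"%s\"\n", user);
            return -1;
        }
        uid = pw->pw_uid;
    }
    if (is_set(group)) {
        struct group *gr = getgrnam(group);
        if (gr == NULL) {
            fprintf(stderr, "unable to resolve group \"%s\"\n", group);
            return -1;
        }
        gid = gr->gr_gid;
    }
    /* Handing a file to a different user normally requires root: check it
     * up front and report a clear error rather than assuming privileges. */
    if (uid != (uid_t)-1 && uid != geteuid() && geteuid() != 0) {
        fprintf(stderr, "changing owner of %s requires root\n", path);
        return -1;
    }
    if (chown(path, uid, gid) != 0) {
        fprintf(stderr, "chown(%s) failed: %s\n", path, strerror(errno));
        return -1;
    }
    return 0;
}
```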