Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Varnish: Commits

[master] 19a9743 -r option for read only parameters

 

 

Varnish commits RSS feed   Index | Next | Previous | View Threaded


perbu at varnish-cache

Apr 30, 2012, 12:49 AM

Post #1 of 1 (58 views)
Permalink
[master] 19a9743 -r option for read only parameters

commit 19a97432827c29a6fdc63101494ca72b109c8df2
Author: Per Buer <perbu [at] varnish-software>
Date: Mon Apr 30 09:48:56 2012 +0200

-r option for read only parameters

diff --git a/doc/sphinx/reference/varnishd.rst b/doc/sphinx/reference/varnishd.rst
index f0647b3..b75bbb0 100644
--- a/doc/sphinx/reference/varnishd.rst
+++ b/doc/sphinx/reference/varnishd.rst
@@ -23,7 +23,7 @@ varnishd [-a address[:port]] [-b host[:port]] [-d] [-F] [-f config]
[-g group] [-h type[,options]] [-i identity]
[-l shmlogsize] [-n name] [-P file] [-p param=value]
[-s type[,options]] [-T address[:port]] [-t ttl]
- [-u user] [-V]
+ [-r param[,param...]] [-u user] [-V]

DESCRIPTION
===========
@@ -110,6 +110,13 @@ OPTIONS
documents. This is a shortcut for specifying the
default_ttl run-time parameter.

+-r param[,param...]
+ Specifies a list of parameters that are read only. In a
+ very secure environment you want to consider setting
+ parameters such as *user*, *group*, *cc_command*,
+ *vcc_allow_inline_c* to read only as these can potentially
+ be used to escalate privileges.
+
-u user Specifies the name of an unprivileged user to which the child
process should switch before it starts accepting
connections. This is a shortcut for specifying the user

_______________________________________________
varnish-commit mailing list
varnish-commit [at] varnish-cache
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-commit

Varnish commits RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.