14 Aug
2008
14 Aug
'08
11:30 p.m.
On Aug 14, 2008, at 4:25 PM, Giorgenes Gelatti wrote:
2008/8/14 Timo Sirainen tss@iki.fi:
But there are even some theoretical problems with preforking. For
example the most secure way to set up your users is to use a different UNIX
UID for each user. So for preforking that means your preforked processes
must run as root until they receive the information about which UID they need
to run as. And the code running as root should be minimized..True, but it's a common scenario to have thousands of users, in which case they usually have all the same UID.
I'm hoping that'll change some day in future when there are better
tools to easily support UID-per-user. :)