[TS-352] Do not allow to run as root user unless explicitly compiled - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.1.1
Fix Version/s: 2.1.1
Component/s: Configuration
Labels:
None

Description

Currently one can specify the proxy.config.admin.user_id=root making the trafficserver to serve all pages under root account.
Check the user_id provided making sure it's uid isn't zero.
Specifying -DBIG_SECURITY_HOLE at build time overrides that check.

Attachments

Activity

People

Assignee:: Mladen Turk

Reporter:: Mladen Turk

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 15/May/10 08:54

Updated:: 25/Aug/10 02:53

Resolved:: 15/May/10 10:41