Opened 9 years ago
Closed 9 years ago
#805 closed enhancement (wontfix)
small new optional feature for unixes
| Reported by: | David CARLIER | Owned by: | |
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | nginx-core | Version: | 1.9.x |
| Keywords: | Cc: | ||
| uname -a: | Linux | ||
| nginx -V: | nginx/1.9.6 | ||
Description
Hi all,
I created a small new optional feature to chroot nginx after reading the configuration.
Hope it finds any use.
Kindest regards.
Attachments (1)
Change History (2)
by , 9 years ago
| Attachment: | nginx-chroot.diff added |
|---|
comment:1 by , 9 years ago
| Resolution: | → wontfix |
|---|---|
| Status: | new → closed |
Chrooting to the prefix looks like a wrong idea, in particular, because many paths, including compiled in ones, can be outside of the prefix. I would rather think of chroot()'ing to some arbitrary path. The part trying to do adjustments in ngx_http_core_root() looks very wrong, too, you shouldn't try to adjust anything agains chroot() path at that level.
If you want to work further on chroot() stuff, please take a look at what OpenBSD guys did at their source tree. AFAIK, they have/had some chroot() implementation.
Please also take a look at http://nginx.org/en/docs/contributing_changes.html. Trac isn't how we prefer to review patches.
new chroot mode