> After checking on this bug with upstream, I as refered to this two > year old thread: > > http://thread.gmane.org/gmane.comp.web.cherokee.general/1898 > > In short, in order for the behaviour to be different, the server would > not be able to completely drop privileges, so this was judged the best > situation. > > Feel free either to reopen the bug with argumentation or to directly > take this to the upstream authors for their consideration if you feel > this should be handled differently.
The logging part would have to run in another process as another user. I don't think the Linux security model has a better solution for this. Olaf -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org