> Greetings, > > We are a small company who are increasingly relying on > memcached for our big projects. We are very pleased with > its performance. > > I've put this patch that > > 1) chroots to /var/empty > 2) change from root to a simple user. > > It effectively jails the process once it no longer needs root > privilege and allows an attacker very little room to play. > > The patch has been working fine on our gentoo server for > quite some time. > > Feedback is most welcomed, and we are more than willing to > improve the patch to fit your standards.
I'm a little confused; there is already a method for memcached to drop user privileges, by specifying the -u option? What's the purpose of this that the other function doesn't do?
