From aa13b9b980e3de9dcc7a303c47259a90b5a0ba03 Mon Sep 17 00:00:00 2001 From: moparisthebest Date: Fri, 19 Apr 2013 07:58:58 -0400 Subject: [PATCH] Drop priveleges only after listening on possibly priveleged port --- src/shrpx.cc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/shrpx.cc b/src/shrpx.cc index f533988..13e3a10 100644 --- a/src/shrpx.cc +++ b/src/shrpx.cc @@ -259,10 +259,6 @@ int event_loop() } } - // ListenHandler loads private key. After that, we drop the root - // privileges if needed. - drop_privileges(); - evconnlistener *evlistener6, *evlistener4; evlistener6 = create_evlistener(listener_handler, AF_INET6); evlistener4 = create_evlistener(listener_handler, AF_INET); @@ -272,6 +268,10 @@ int event_loop() exit(EXIT_FAILURE); } + // ListenHandler loads private key, and we listen on a priveleged port. + // After that, we drop the root privileges if needed. + drop_privileges(); + if(get_config()->num_worker > 1) { listener_handler->create_worker_thread(get_config()->num_worker); } else if(get_config()->downstream_proto == PROTO_SPDY) {