[stunnel-users] Q: rereading configuration file?
Michal Trojnara
Michal.Trojnara at mobi-com.net
Tue Feb 1 16:02:51 CET 2005
Peter Pentchev wrote:
> Part of the reason that I think this has not been done is that in most
> cases (at least under Unix), stunnel is running in a chroot jail for
> security reasons. If so, the stunnel process that receives the signal
> has absolutely no way to access the config file - it is most probably
> outside the chroot tree where the stunnel process operates.
Of course rereading configuration file won't be compatible with chroot
(unless you place a copy of the configuration file/certificate/etc. inside
the chroot jail).
Another obvious problem I expect is the setuid option and binding ports
below 1024. 8-)
Rereading of the configuration file is on my TODO aka waiting-for-a-sponsor
list, anyway.
http://stunnel.mirt.net/todo_sdf.html
Best regards,
Mike
More information about the stunnel-users
mailing list