Hello!
On Sat, May 3, 2014 at 8:36 AM, Mathew Heard wrote:
> Is there any documentation as to the user used to:
> a) Parse and Compile the Lua source code. I understand this is done on
> reload so would it be safe to assume this is done by root?
Actually, according to the current implementation, only init_by_lua*
directives are parsed and run by root. Code chunks specified by other
directives, like content_by_lua, are parsed and loaded upon the first
request served by the corresponding worker process.
> b) Execute the various contexts? Would it be safe to assume that with the
> exception of init_by_lua the contexts are all executed by the worker user?
>
Yes.
> I am aware I can break out some code to test this, but given the nature of
> the question (security) I feel its best to be sure.
>
Right.
Regards,
-agentzh