diff options
author | Jeremy Evans <code@jeremyevans.net> | 2017-03-08 10:19:02 -0800 |
---|---|---|
committer | Eric Wong <e@80x24.org> | 2017-03-10 20:27:41 +0000 |
commit | ea1a4360d66a833d75fbd887388d8cd4fe4ae299 (patch) | |
tree | c2f631143f2acb5fcfd092097ee6db42ad55f762 /lib/unicorn/worker.rb | |
parent | 59e39cbc68c49623949b3e5c2d7e113e96e90a27 (diff) | |
download | unicorn-ea1a4360d66a833d75fbd887388d8cd4fe4ae299.tar.gz |
The worker_exec configuration option makes all worker processes exec after forking. This initializes the worker processes with separate memory layouts, defeating address space discovery attacks on operating systems supporting address space layout randomization, such as Linux, MacOS X, NetBSD, OpenBSD, and Solaris. Support for execing workers is very similar to support for reexecing the master process. The main difference is the worker's to_i and master pipes also need to be inherited after worker exec just as the listening sockets need to be inherited after reexec. Because execing working is similar to reexecing the master, this extracts a couple of methods from reexec (listener_sockets and close_sockets_on_exec), so they can be reused in worker_spawn.
Diffstat (limited to 'lib/unicorn/worker.rb')
-rw-r--r-- | lib/unicorn/worker.rb | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/lib/unicorn/worker.rb b/lib/unicorn/worker.rb index e22c1bf..8bbac5e 100644 --- a/lib/unicorn/worker.rb +++ b/lib/unicorn/worker.rb @@ -12,18 +12,19 @@ class Unicorn::Worker # :stopdoc: attr_accessor :nr, :switched attr_reader :to_io # IO.select-compatible + attr_reader :master PER_DROP = Raindrops::PAGE_SIZE / Raindrops::SIZE DROPS = [] - def initialize(nr) + def initialize(nr, pipe=nil) drop_index = nr / PER_DROP @raindrop = DROPS[drop_index] ||= Raindrops.new(PER_DROP) @offset = nr % PER_DROP @raindrop[@offset] = 0 @nr = nr @switched = false - @to_io, @master = Unicorn.pipe + @to_io, @master = pipe || Unicorn.pipe end def atfork_child # :nodoc: |