socket security
ClosedPublic
Actions

Authored by feld on Jan 31 2017, 3:40 PM.

Details

Reviewers

AMDmi3
demon

Commits

rP433172: www/uwsgi: Further rc script security improvements

Summary

Make uwsgi daemon run under its own user/group by default
Introduce setting to control socket ownership, permitting www:www access by default

This provides a clear separation between the daemon and the webserver while maintaining
compatibilty.

Diff Detail

Repository

rP FreeBSD ports repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

feld updated this revision to Diff 24602.Jan 31 2017, 3:40 PM

feld retitled this revision from to Further improve www/uwsgi daemon/socket security.

feld updated this object.

feld edited the test plan for this revision. (Show Details)

feld added a reviewer: AMDmi3.

Herald added a subscriber: mat. · View Herald TranscriptJan 31 2017, 3:40 PM

LGTM. Additional UPDATING entry would be nice too

This revision is now accepted and ready to land.Jan 31 2017, 3:42 PM

prj_rootwyrm.com added a subscriber: prj_rootwyrm.com.Jan 31 2017, 3:49 PM

adding demon, as this is his port

Closed by commit rP433172: www/uwsgi: Further rc script security improvements (authored by feld). · Explain WhyFeb 2 2017, 5:45 PM

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

head/

GIDs

2 lines

UIDs

2 lines

www/

uwsgi/

Makefile

5 lines

files/

uwsgi.in

18 lines

Diff 24665

View Options

head/GIDs

View Options

head/UIDs

View Options

head/www/uwsgi/Makefile

View Options

head/www/uwsgi/files/uwsgi.in

Further improve www/uwsgi daemon/socket securityClosedPublicActions

Details

Diff Detail

Event Timeline

Revision ContentsChangeset List

Diff 24665

head/GIDs

head/UIDs

head/www/uwsgi/Makefile

head/www/uwsgi/files/uwsgi.in

Further improve www/uwsgi daemon/socket security
ClosedPublic
Actions

Revision Contents
Changeset List