diff options
author | feld <feld@FreeBSD.org> | 2017-02-03 01:50:46 +0800 |
---|---|---|
committer | feld <feld@FreeBSD.org> | 2017-02-03 01:50:46 +0800 |
commit | ffcf428474298f3d1b31d610a2da7ddb35557f51 (patch) | |
tree | 25b51eb31384909f7ed54e9f18998a69ec68a501 | |
parent | eda1991f05ff45ea92b4c9a5c0222c98322111b5 (diff) | |
download | freebsd-ports-gnome-ffcf428474298f3d1b31d610a2da7ddb35557f51.tar.gz freebsd-ports-gnome-ffcf428474298f3d1b31d610a2da7ddb35557f51.tar.zst freebsd-ports-gnome-ffcf428474298f3d1b31d610a2da7ddb35557f51.zip |
Add new UPDATING entry with details on newest changes to uwsgi
-rw-r--r-- | UPDATING | 13 |
1 files changed, 13 insertions, 0 deletions
@@ -5,6 +5,19 @@ they are unavoidable. You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. +20170202: + AFFECTS: users of www/uwsgi + AUTHOR: feld@FreeBSD.org + + The previous disruptive changes to uwsgi for security have been remediated + through creation of a dedicated uwsgi user/group and utilizing the + uwsgi feature to set socket ownership. The uwsgi daemon by default now + has the following properties: + + * Process runs as uwsgi user and group (UID/GID 165) + * Socket mode is 660, still protecting unauthorized access from "other" + * Socket ownership is www:www, restoring compatibility + 20170130: AFFECTS: users of devel/ice, devel/py-ice, devel/php5-ice AUTHOR: grembo@FreeBSD.org |