Date: Thu, 2 Feb 2017 17:50:46 +0000 (UTC) From: Mark Felder <feld@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r433174 - head Message-ID: <201702021750.v12HokDk004835@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: feld Date: Thu Feb 2 17:50:46 2017 New Revision: 433174 URL: https://svnweb.freebsd.org/changeset/ports/433174 Log: Add new UPDATING entry with details on newest changes to uwsgi Modified: head/UPDATING Modified: head/UPDATING ============================================================================== --- head/UPDATING Thu Feb 2 17:46:08 2017 (r433173) +++ head/UPDATING Thu Feb 2 17:50:46 2017 (r433174) @@ -5,6 +5,19 @@ they are unavoidable. You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. +20170202: + AFFECTS: users of www/uwsgi + AUTHOR: feld@FreeBSD.org + + The previous disruptive changes to uwsgi for security have been remediated + through creation of a dedicated uwsgi user/group and utilizing the + uwsgi feature to set socket ownership. The uwsgi daemon by default now + has the following properties: + + * Process runs as uwsgi user and group (UID/GID 165) + * Socket mode is 660, still protecting unauthorized access from "other" + * Socket ownership is www:www, restoring compatibility + 20170130: AFFECTS: users of devel/ice, devel/py-ice, devel/php5-ice AUTHOR: grembo@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201702021750.v12HokDk004835>