[Bug 212911] lang/php56, lang/php70: Add umask to php-fpm rc script

Thu Sep 22 21:47:53 UTC 2016

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212911

            Bug ID: 212911
           Summary: lang/php56, lang/php70: Add umask to php-fpm rc script
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: tz at freebsd.org
          Reporter: rk at redb.cz
          Assignee: tz at freebsd.org
             Flags: maintainer-feedback?(tz at freebsd.org)

Created attachment 175077
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=175077&action=edit
Patch to add umask setting

It's a good security practice to run PHP as another user than the owner of
application source files. One drawback though with this approach - files
created by the application (uploads, caches, etc.) can not be easily deleted by
the owner of application sources.

One possible solution to this problem is to use same group for those two users
and set umask of the PHP user to 0002. Attached is a patch which allows to set
the umask for php-fpm.

-- 
You are receiving this mail because:
You are the assignee for the bug.