svn commit: r432604 - head

Mark Felder feld at FreeBSD.org
Fri Jan 27 23:37:49 UTC 2017


Author: feld
Date: Fri Jan 27 23:37:47 2017
New Revision: 432604
URL: https://svnweb.freebsd.org/changeset/ports/432604

Log:
  Add UPDATING entry to notify about uwsgi default socket mode change

Modified:
  head/UPDATING

Modified: head/UPDATING
==============================================================================
--- head/UPDATING	Fri Jan 27 23:21:58 2017	(r432603)
+++ head/UPDATING	Fri Jan 27 23:37:47 2017	(r432604)
@@ -5,6 +5,15 @@ they are unavoidable.
 You should get into the habit of checking this file for changes each time
 you update your ports collection, before attempting any port upgrades.
 
+20170127:
+  AFFECTS: users of www/uwsgi
+  AUTHOR: feld at FreeBSD.org
+
+  The default socket mode for uwsgi as 777 is a severe security concern.
+  This has been remediated by changing the rc script to default to 600.
+  The mode is configurable with rc.conf values: uwsgi_socket_mode="600"
+  or for a profile named "www", uwsgi_www_socket_mode="600".
+
 20170121:
   AFFECTS: users of security/tinc
   AUTHOR: dinoex at FreeBSD.org


More information about the svn-ports-all mailing list