Date: Fri, 27 Jan 2017 23:37:47 +0000 (UTC) From: Mark Felder <feld@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r432604 - head Message-ID: <201701272337.v0RNbl5i053439@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: feld Date: Fri Jan 27 23:37:47 2017 New Revision: 432604 URL: https://svnweb.freebsd.org/changeset/ports/432604 Log: Add UPDATING entry to notify about uwsgi default socket mode change Modified: head/UPDATING Modified: head/UPDATING ============================================================================== --- head/UPDATING Fri Jan 27 23:21:58 2017 (r432603) +++ head/UPDATING Fri Jan 27 23:37:47 2017 (r432604) @@ -5,6 +5,15 @@ they are unavoidable. You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. +20170127: + AFFECTS: users of www/uwsgi + AUTHOR: feld@FreeBSD.org + + The default socket mode for uwsgi as 777 is a severe security concern. + This has been remediated by changing the rc script to default to 600. + The mode is configurable with rc.conf values: uwsgi_socket_mode="600" + or for a profile named "www", uwsgi_www_socket_mode="600". + 20170121: AFFECTS: users of security/tinc AUTHOR: dinoex@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201701272337.v0RNbl5i053439>