Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 2 Feb 2017 17:50:46 +0000 (UTC)
From:      Mark Felder <feld@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r433174 - head
Message-ID:  <201702021750.v12HokDk004835@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: feld
Date: Thu Feb  2 17:50:46 2017
New Revision: 433174
URL: https://svnweb.freebsd.org/changeset/ports/433174

Log:
  Add new UPDATING entry with details on newest changes to uwsgi

Modified:
  head/UPDATING

Modified: head/UPDATING
==============================================================================
--- head/UPDATING	Thu Feb  2 17:46:08 2017	(r433173)
+++ head/UPDATING	Thu Feb  2 17:50:46 2017	(r433174)
@@ -5,6 +5,19 @@ they are unavoidable.
 You should get into the habit of checking this file for changes each time
 you update your ports collection, before attempting any port upgrades.
 
+20170202:
+  AFFECTS: users of www/uwsgi
+  AUTHOR: feld@FreeBSD.org
+
+  The previous disruptive changes to uwsgi for security have been remediated
+  through creation of a dedicated uwsgi user/group and utilizing the
+  uwsgi feature to set socket ownership. The uwsgi daemon by default now
+  has the following properties:
+
+  * Process runs as uwsgi user and group (UID/GID 165)
+  * Socket mode is 660, still protecting unauthorized access from "other"
+  * Socket ownership is www:www, restoring compatibility
+
 20170130:
   AFFECTS: users of devel/ice, devel/py-ice, devel/php5-ice
   AUTHOR: grembo@FreeBSD.org



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201702021750.v12HokDk004835>