我使用Django和uWSGI,这是我的django.ini文件:
# django.ini file
[uwsgi]
# master
master = true
touch-reload = /www/django.ini
# maximum number of processes
processes = 8
# the socket (use the full path to be safe)
socket = /tmp/uwsgi.sock
# with appropriate permissions - *may* be needed
chmod-socket = 666
# the base directory
chdir = /www/proj
# Django's wsgi file
wsgi-file = /www/proj/proj/wsgi.py
# the virtualenv
home = /home/me/.djenv
# clear environment on exit
vacuum = true
我也有
# ls -al /tmp/uwsgi.sock
srw-rw-rw- 1 me me 0 Mar 13 03:07 /tmp/uwsgi.sock
me
是www-data
群组
我对666
chmod-socket
的许可感到不安,但是当我发表评论时,我会uwsgi --ini django.ini
重新启动脚本{}} 502 Bad Gateway
。
所以想知道是否授予套接字666权限可能会带来安全问题,如果是这样,如何修复它?