uWSGI - 将chmod-socket设置为666是否安全?

时间:2015-03-13 07:18:51

标签: python django uwsgi

我使用Django和uWSGI,这是我的django.ini文件:

# django.ini file
[uwsgi]

# master
master                  = true
touch-reload =  /www/django.ini


# maximum number of processes
processes               = 8

# the socket (use the full path to be safe)
socket          = /tmp/uwsgi.sock


# with appropriate permissions - *may* be needed
chmod-socket    = 666

# the base directory
chdir           = /www/proj

# Django's wsgi file
wsgi-file          = /www/proj/proj/wsgi.py

# the virtualenv
home            = /home/me/.djenv

# clear environment on exit
vacuum          = true

我也有

# ls -al /tmp/uwsgi.sock
srw-rw-rw- 1 me me 0 Mar 13 03:07 /tmp/uwsgi.sock

mewww-data群组

的用户

我对666 chmod-socket的许可感到不安,但是当我发表评论时,我会uwsgi --ini django.ini重新启动脚本{}} 502 Bad Gateway

所以想知道是否授予套接字666权限可能会带来安全问题,如果是这样,如何修复它?

0 个答案:

没有答案