diff options
author | Alyssa Ross <hi@alyssa.is> | 2021-01-02 08:59:28 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2021-01-02 10:26:16 +0000 |
commit | 3dd73a10335d5e5d82004c19a3ed1ee2744d9fd0 (patch) | |
tree | bac4c2061d0a5a4d32570ffa5faaa1ec6ba74bc5 /sys | |
parent | 0886e232c6a24aa8a3a67363fb92db838ac16438 (diff) | |
download | nixlib-3dd73a10335d5e5d82004c19a3ed1ee2744d9fd0.tar nixlib-3dd73a10335d5e5d82004c19a3ed1ee2744d9fd0.tar.gz nixlib-3dd73a10335d5e5d82004c19a3ed1ee2744d9fd0.tar.bz2 nixlib-3dd73a10335d5e5d82004c19a3ed1ee2744d9fd0.tar.lz nixlib-3dd73a10335d5e5d82004c19a3ed1ee2744d9fd0.tar.xz nixlib-3dd73a10335d5e5d82004c19a3ed1ee2744d9fd0.tar.zst nixlib-3dd73a10335d5e5d82004c19a3ed1ee2744d9fd0.zip |
nixos/fcgiwrap: don't run as root
Previously, fcgiwrap was run as root by default. This was bad because it meant every CGI script was run as root. Changed to set DynamicUser, so instead of having access to everything, CGI scripts will now by default only have access to things that are world-readable. This will probably break things for users, but since we can't know what they want to allow their CGI scripts access to they'll have to fix that themselves, because it would be irresponsible to leave this defaulting to root.
Diffstat (limited to 'sys')
0 files changed, 0 insertions, 0 deletions