On Dec 20, 2017, at 6:23 PM, Dewey Hylton <[email protected]> wrote: > > All users have read/write permissions on those files, so this doesn’t make > sense (to me) from a Unix permissions standpoint.
Fine, but what about the directory that holds these files? That’s why I applied the command to the directory as well. > the fossil binary is running as the root user in this case. If that’s only to allow binding to port 80, you might want to put a proxy up in front of it instead. That’ll let you do TLS, if nothing else. Linux containers aren’t foolproof when it comes to permission isolation. Better to not let Fossil have root privs even inside a container. _______________________________________________ fossil-users mailing list [email protected] http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
