On Tue, Sep 28, 2010 at 6:49 PM, Noah Slater <[email protected]> wrote: > > On 28 Sep 2010, at 08:10, Benoit Chesneau wrote: > >> About /var/run vs /var/lib, that just sometimes you gave different >> privileges on this folders, giving the possibility to read one or not. >> This is not only a question of giving a "state". I'm actually thinking >> that we may want to have this info in /tmp path where we save >> generally such info. Dbus does this, mysql does this for the socket >> (by default) ... /tmp is available for everyone. While /var/run is >> working for root apps, it doesn't for apps launched per users. > > When you install CouchDB, you should configure the /var/run/couchdb directory > to be world readable and group/user writable. This keeps it secure, while > allowing process to read from it. I believe this is documented in the README. > I don't think the location of world writable sockets is related.
You expect here there will be one couchdb. But you could have a couchdb per user. Then you need to distinct each users. You could of course put all these users in /var/run, but this isn't something possible on all systems. You don't want /var/run world readable for some obvious security reason. - benoit - benoit
