I would handle it the way any other server application would be deployed (ie, Tomcat, Nginx, Apache). I would say start the process with a restricted user (running any server process as root i*s bad*). So in this case perhaps create a new user for the app to use and ensure that user has read access and write access to the project directory as required.
On Sunday, January 3, 2016 at 5:53:43 PM UTC-5, AaronNGray wrote: > > Hi, > > A friend asked me a question I was very embarrassed not to be able to > answer. Basically he could not find any information on both deploying > Node.js app in regard to setting file permissions and on protecting > the filing system from Node.js applications. There seems to be no > guides to these matters. > > So I would be interested if there is anything available regarding these > matters. > > Many thanks in advance, > > Aaron > -- Job board: http://jobs.nodejs.org/ New group rules: https://gist.github.com/othiym23/9886289#file-moderation-policy-md Old group rules: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/nodejs/3dec7b1f-db6d-4df1-8197-5209e5a33dab%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
