Matt Palmer wrote: > On Wed, Sep 12, 2007 at 01:16:31PM -1000, Ben Munat wrote: >> I'm curious if there is some reason why the rails command creates the log >> files >> as world-writable. This doesn't seem very security conscious. >> >> I know I can have capistrano or puppet change the file mode on those, but >> that's >> an extra step... and one that most people probably don't do. >> >> So, what say ye? Was this intentional? > > Considering that various other parts of Rails recommend 0666 perms on log > files, I'd say it was definitely deliberate. Ill-advised, definitely, but > deliberate.
Hmm, but why would rails ever recommend something that is ill-advised? :-D Ben --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en -~----------~----~----~----~------~----~------~--~---
