Could the new balcklist/whitelist options be used as an alternative to tyrant mode? I'm thinking of running the emperor with
[uwsgi] uid = uwsgi gid = uwsgi umask = 022 pidfile = /var/run/uwsgi/uwsgi.pid daemonize = /var/log/uwsgi.log log-date = true emperor = /etc/uwsgi.d cap = setgid,setuid and then create for each user a root-owned file /etc/uwsgi.d/user-<username>.ini which only includes a user-owned file: [uwsgi] uid = <username> gid = <username> blacklist = uid gid ini = /home/<username>/uwgsi.ini end-blacklist = Would that be secure or am I overlooking any way for the user configuration to circumvent uid/gid? -- Guido Berhoerster _______________________________________________ uWSGI mailing list [email protected] http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi
