> > Could the new balcklist/whitelist options be used as an > alternative to tyrant mode? I'm thinking of running the emperor > with > > [uwsgi] > uid = uwsgi > gid = uwsgi > umask = 022 > pidfile = /var/run/uwsgi/uwsgi.pid > daemonize = /var/log/uwsgi.log > log-date = true > emperor = /etc/uwsgi.d > cap = setgid,setuid > > and then create for each user a root-owned file > /etc/uwsgi.d/user-<username>.ini which only includes a user-owned > file: > > [uwsgi] > uid = <username> > gid = <username> > blacklist = uid gid > ini = /home/<username>/uwgsi.ini > end-blacklist = > > Would that be secure or am I overlooking any way for the user > configuration to circumvent uid/gid? > -- > Guido Berhoerster >
a user could load a "malicious" plugin hooking itself just before privileges drop, so you should disallow "plugin/plugins" too. >From a security point of view it is not a good approach, as we could add new options (or aliaes) you could overlook (and that should be blacklisted) and so on. Any reason to not want tyrant mode ? I suppose managing file permissions of vassal's file is the problem... -- Roberto De Ioris http://unbit.it _______________________________________________ uWSGI mailing list [email protected] http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi
