1
我在Ubuntu 10.04上的Nginx和客运运行的Rails 3.1。我的缓存解决方案解决方案是否安全?
在我的日志,我可以看到下面很多:
cache error: Permission denied - /var/www/redmeetsblue/releases/20120221032538/tmp/cache/B27
我通过(从google advice)改变用户名解决了这个问题,但我不能确定的安全隐患。谁是谁?这是安全的吗?
/var/www/redmeetsblue/current/tmp/cache
total 16K
drwxr-xr-x 4 www-data root 4.0K 2012-02-20 22:27 .
drwxr-xr-x 3 root root 4.0K 2012-02-20 22:26 ..
drwxr-xr-x 54 www-data root 4.0K 2012-02-20 22:27 assets
drwxr-xr-x 3 www-data root 4.0K 2012-02-20 22:27 sass
[email protected]:/var/www/redmeetsblue/current/tmp# cd b27
-bash: cd: b27: No such file or directory
[email protected]:/var/www/redmeetsblue/current/tmp# cd B27
-bash: cd: B27: No such file or directory
[email protected]:/var/www/redmeetsblue/current/tmp# chown -R nobody cache
[email protected]:/var/www/redmeetsblue/current/tmp# ls -alh /var/www/redmeetsblue/current/tmp/cache
total 16K
drwxr-xr-x 4 nobody root 4.0K 2012-02-20 22:27 .
drwxr-xr-x 3 root root 4.0K 2012-02-20 22:26 ..
drwxr-xr-x 54 nobody root 4.0K 2012-02-20 22:27 assets
drwxr-xr-x 3 nobody root 4.0K 2012-02-20 22:27 sass
更改用户后,我的缓存正在工作,但我不确定它是否安全。见工作缓存..
cache: [GET /assets/grid.png] stale, valid, store
cache: [GET /dashboards] miss
cache: [GET /assets/grid.png] stale, valid, store