This repository was archived by the owner on Oct 8, 2025. It is now read-only.
This repository was archived by the owner on Oct 8, 2025. It is now read-only.
unix socket permissions #644
Description
Who is affected?
- All users of the unix socket as a listener
Hello Nginx Team and Contributors,
I suggest implementing a compile-time flag, or a unitd startup option, or a configuration file section (not safe) that sets chmod to the unix socket as a listener.
Current default chmod (0666):
# ls -l /var/run/unit.sock
srw-rw-rw- 1 root root 0 Feb 13 12:13 /var/run/unit.sock
Most applications, especially such as web servers, try to restrict file socket access modes to a sufficient extent. Typically the standard chmod 0660 will allow user and group, for example www-data group and its members.