1
我在Ubuntu 10.04上的Nginx和客運運行的Rails 3.1。我的緩存解決方案解決方案是否安全?
在我的日誌,我可以看到下面很多:
cache error: Permission denied - /var/www/redmeetsblue/releases/20120221032538/tmp/cache/B27
我通過(從google advice)改變用戶名解決了這個問題,但我不能確定的安全隱患。誰是誰?這是安全的嗎?
/var/www/redmeetsblue/current/tmp/cache
total 16K
drwxr-xr-x 4 www-data root 4.0K 2012-02-20 22:27 .
drwxr-xr-x 3 root root 4.0K 2012-02-20 22:26 ..
drwxr-xr-x 54 www-data root 4.0K 2012-02-20 22:27 assets
drwxr-xr-x 3 www-data root 4.0K 2012-02-20 22:27 sass
[email protected]:/var/www/redmeetsblue/current/tmp# cd b27
-bash: cd: b27: No such file or directory
[email protected]:/var/www/redmeetsblue/current/tmp# cd B27
-bash: cd: B27: No such file or directory
[email protected]:/var/www/redmeetsblue/current/tmp# chown -R nobody cache
[email protected]:/var/www/redmeetsblue/current/tmp# ls -alh /var/www/redmeetsblue/current/tmp/cache
total 16K
drwxr-xr-x 4 nobody root 4.0K 2012-02-20 22:27 .
drwxr-xr-x 3 root root 4.0K 2012-02-20 22:26 ..
drwxr-xr-x 54 nobody root 4.0K 2012-02-20 22:27 assets
drwxr-xr-x 3 nobody root 4.0K 2012-02-20 22:27 sass
更改用戶後,我的緩存正在工作,但我不確定它是否安全。見工作緩存..
cache: [GET /assets/grid.png] stale, valid, store
cache: [GET /dashboards] miss
cache: [GET /assets/grid.png] stale, valid, store