couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Benoit Chesneau <bchesn...@gmail.com>
Subject Re: svn commit: r1001283 - in /couchdb/trunk/etc/couchdb: Makefile.am default.ini.tpl.in
Date Tue, 28 Sep 2010 17:28:56 GMT
On Tue, Sep 28, 2010 at 6:49 PM, Noah Slater <nslater@apache.org> wrote:
>
> On 28 Sep 2010, at 08:10, Benoit Chesneau wrote:
>
>> About /var/run vs /var/lib, that just sometimes you gave different
>> privileges on this folders, giving the possibility to read one or not.
>> This is not only a question of giving a "state". I'm actually thinking
>> that we may want to have this info in /tmp path  where we save
>> generally such info. Dbus does this, mysql does this for the socket
>> (by default) ...  /tmp is available for everyone. While /var/run  is
>> working for root apps, it doesn't for apps launched per users.
>
> When you install CouchDB, you should configure the /var/run/couchdb directory to be world
readable and group/user writable. This keeps it secure, while allowing process to read from
it. I believe this is documented in the README. I don't think the location of world writable
sockets is related.

You expect here there will be one couchdb. But you could have a
couchdb per user. Then you need to distinct each users.  You could of
course put all these users in /var/run, but this isn't something
possible on all systems. You don't want /var/run world readable for
some obvious security reason.

- benoit

- benoit

Mime
View raw message