1. 29 Mar, 2019 1 commit
  2. 25 Dec, 2018 1 commit
  3. 25 Jun, 2018 1 commit
  4. 30 May, 2018 1 commit
  5. 29 May, 2018 1 commit
  6. 28 Feb, 2018 1 commit
  7. 19 Feb, 2018 2 commits
  8. 28 Jul, 2017 1 commit
  9. 20 Jul, 2017 1 commit
  10. 10 Feb, 2017 1 commit
    • Giancarlo Razzolini's avatar
      roles/*: Fix nginx log dir permissions · ff27e416
      Giancarlo Razzolini authored
      To correctly be safe for CVE-2016-1247, we need all nginx log dirs
      to be owned by both user and group root. Also, since nginx childs
      runs as http user, the directories permissions must be 0755, so the
      http user can descent into it. Since the logrotate will create the
      log files as http:log, the nginx childs will be able to write to the
      logs, but will not be able to create files inside those dirs, fully
      preventing CVE-2016-1247.
      ff27e416
  11. 05 Feb, 2017 1 commit
  12. 02 Jan, 2017 1 commit
  13. 24 Dec, 2016 1 commit
  14. 21 Dec, 2016 1 commit
  15. 20 Dec, 2016 4 commits