social-discuss
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Social-discuss] Security improvement for NginX (and bug tracker reg

From: chimo
Subject: Re: [Social-discuss] Security improvement for NginX (and bug tracker registration)
Date: Mon, 05 Oct 2015 09:15:23 -0400
User-agent: Roundcube Webmail/1.1.3 
On 2015-10-05 07:18, Ivan Vilata i Balaguer wrote:

Hi everyone,

I'm attaching a small patch to the sample NginX configuration file to
strengthen it a little bit against PHP files uploaded to
application-writable directories, to avoid e.g. a user attaching a PHP
file which could be run with installation user permissions.  Maybe GNU
social already has some built-in checks for this, I don't know.

I tried to open a bug/feature request for this in the
[Phabricator](https://bugz.foocorp.net/), but registration address
validation emails seem to not be sent (I've tried several times on
different days, checked the spam folder and the receiving server mail
logs, but no trace).

Cheers,



Hi Ivan,
The codebase and issue tracker for GNU social has been moved to https://git.gnu.io/gnu/gnu-social
The .diff file you attached only contains the following on my end: "dl oct 5 13:18:02 CEST 2015" 

- c
reply via email to
[Prev in Thread] Current Thread [Next in Thread]