diff options
author | Eric Wong <normalperson@yhbt.net> | 2009-04-05 19:15:53 -0700 |
---|---|---|
committer | Eric Wong <normalperson@yhbt.net> | 2009-04-05 19:15:53 -0700 |
commit | 72c32f2902886bf205ae7ea412909c41dda1a95e (patch) | |
tree | 956fe1c85d68199da8a5d135fa3314c0a634b8d7 /test/unit/test_socket_helper.rb | |
parent | 539ca9a0efc692edde5448d3e4007d35372e033d (diff) | |
download | unicorn-72c32f2902886bf205ae7ea412909c41dda1a95e.tar.gz |
I can't think of a good reason to ever use restrictive permissions with UNIX domain sockets for an HTTP server. Since some folks run their nginx on port 80 and then have it drop permissions, we need to ensure our socket is readable and writable across the board. The reason I'm respecting the existing umask at all (instead of using 0000 across the board like most daemonizers) is because the admin may want to restrict access (especially write access) to log files.
Diffstat (limited to 'test/unit/test_socket_helper.rb')
-rw-r--r-- | test/unit/test_socket_helper.rb | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/test/unit/test_socket_helper.rb b/test/unit/test_socket_helper.rb index 23fa44c..79e1cdc 100644 --- a/test/unit/test_socket_helper.rb +++ b/test/unit/test_socket_helper.rb @@ -42,12 +42,18 @@ class TestSocketHelper < Test::Unit::TestCase end def test_bind_listen_unix + old_umask = File.umask(0777) tmp = Tempfile.new 'unix.sock' @unix_listener_path = tmp.path File.unlink(@unix_listener_path) @unix_listener = bind_listen(@unix_listener_path) assert Socket === @unix_listener assert_equal @unix_listener_path, sock_name(@unix_listener) + assert File.readable?(@unix_listener_path), "not readable" + assert File.writable?(@unix_listener_path), "not writable" + assert_equal 0777, File.umask + ensure + File.umask(old_umask) end def test_bind_listen_unix_idempotent |