I'm using unicorn in an environment with /very/ strict permissions (one might so as far as to say that the sysadmin is being too careful) and I've observed that when starting Unicorn via `upstart` (runs as root) with unicorn.rb configured to suid and sguid, the logs and other files are correctly owned by `selected user:group` but the pidfile is owned by root:root. Owing to very restrictive unmasking and other permissions, this file is not readable by any lower-level users, and thus one has to be root to read the pidfile.
What's the logic here, is it a bug, an oversight or an intentional design, naturally one can use `ps` or any other number of ways to get a pid, so protecting the pidfile doesn't seem like a security concern/ Of course this is somewhat academic, as one must be root to signal the process anyway, but I'll cross that particular bridge when I come to it! Lee _______________________________________________ Unicorn mailing list - [email protected] http://rubyforge.org/mailman/listinfo/mongrel-unicorn Do not quote signatures (like this one) or top post when replying
