nginx default unix domain socket permissions and umask

Manole, Sorin manole at
Thu Sep 22 13:12:21 UTC 2016


It seems that when nginx creates unix domain sockets as a result of the listen directive it assigns rw permissions for all users.
This is probably because the bind() call which creates the file follows the process umask. Nginx sets the umask to 0 which is the most relaxed setting.

Is there a way to control the permissions assigned at creation to unix domain sockets created by nginx?
Is there a deep reason to always set the umask to 0? Would it be better to let the user decide the umask and inherit it from the process starting nginx?


Amazon Development Center (Romania) S.R.L. registered office: 3E Palat Street, floor 2, Iasi, Iasi County, Iasi 700032, Romania. Registered in Romania. Registration number J22/2621/2005.

More information about the nginx mailing list