From e910005b1a337093109af29c7bf21b32c343ab56 Mon Sep 17 00:00:00 2001 From: Laurent Bercot Date: Mon, 4 Feb 2019 19:04:05 +0000 Subject: Revert -I, but add uid/self and gid/self to uidgid accessrules checking --- NEWS | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'NEWS') diff --git a/NEWS b/NEWS index afd4c3c..45f0986 100644 --- a/NEWS +++ b/NEWS @@ -7,8 +7,11 @@ In 2.8.0.0 - Adaptation to skalibs-2.8.0.0. - s6-log can now notify readiness with the new -d option. - s6-log now has a default line limit of 8 kB. - - s6-ipcserver-access now takes a -I option to automatically accept -connections from clients running with the same euid/egid pair. + - In the accessrules library, checking against uidgid now checks the +uid/self key if the client and the server have the same uid, and the +gid/self key if the client and the server have the same gid. That means +s6-ipcserver-access can now be configured to allow/deny/specialcase +connections where the client's credentials are the same as the server's. In 2.7.2.2 -- cgit v1.2.3