WARNING: potential privilege escalation vulnerability detected - PullRequest
0 votes
/ February 22, 2020

I am preparing a new installation of Passenger on a Fedora 31 system.

As a regular user, I installed rbenv to manage the Ruby environment. This means that all my gems are now in the user's home directory, something like /home/user_name/.rbenv/versions/2.6.3/lib/ruby/gems/2.6.0/gems/passenger-6.0.4.

Now, when Apache launches, Passenger logs a warning:

[ N 2020-02-22 17:55:43.3058 1422/T1 age/Cor/CoreMain.cpp:1340 ]: Starting Passenger core...
[ N 2020-02-22 17:55:43.3060 1422/T1 age/Cor/CoreMain.cpp:256 ]: Passenger core running in multi-application mode.
[ W 2020-02-22 17:55:43.3119 1422/T1 age/Cor/CoreMain.cpp:1007 ]: WARNING: potential privilege escalation vulnerability detected. Phusion Passenger is running as root, and part(s) of the Passenger root path (/home/user_name/.rbenv/versions/2.6.3/lib/ruby/gems/2.6.0/gems/passenger-6.0.4) can be changed by non-root user(s):

 - /home/user_name/.rbenv/versions/2.6.3/lib/ruby/gems/2.6.0/gems/passenger-6.0.4 is not secure: it can be modified by user user_name
 - /home/user_name/.rbenv/versions/2.6.3/lib/ruby/gems/2.6.0/gems is not secure: it can be modified by user user_name
 - /home/user_name/.rbenv/versions/2.6.3/lib/ruby/gems/2.6.0 is not secure: it can be modified by user user_name
 - /home/user_name/.rbenv/versions/2.6.3/lib/ruby/gems is not secure: it can be modified by user user_name
 - /home/user_name/.rbenv/versions/2.6.3/lib/ruby is not secure: it can be modified by user user_name
 - /home/user_name/.rbenv/versions/2.6.3/lib is not secure: it can be modified by user user_name
 - /home/user_name/.rbenv/versions/2.6.3 is not secure: it can be modified by user user_name
 - /home/user_name/.rbenv/versions/2.6.3/lib/ruby/gems/2.6.0/gems is not secure: it can be modified by user user_name
 - /home/user_name/.rbenv/versions/2.6.3/lib/ruby/gems/2.6.0 is not secure: it can be modified by user user_name
 - /home/user_name/.rbenv/versions/2.6.3/lib/ruby/gems is not secure: it can be modified by user user_name
 - /home/user_name/.rbenv/versions/2.6.3/lib/ruby is not secure: it can be modified by user user_name
 - /home/user_name/.rbenv/versions/2.6.3/lib is not secure: it can be modified by user user_name
 - /home/user_name/.rbenv/versions/2.6.3 is not secure: it can be modified by user user_name
 - /home/user_name/.rbenv/versions is not secure: it can be modified by user user_name
 - /home/user_name/.rbenv is not secure: it can be modified by user user_name
 - /home/user_name is not secure: it can be modified by user user_name

Please either fix up the permissions for the insecure paths, or install Passenger in a different location that can only be modified by root.
[ N 2020-02-22 17:55:43.3119 1422/T1 age/Cor/CoreMain.cpp:1015 ]: Passenger core online, PID 1422

What would you advise for handling this warning? I would prefer to keep Passenger as a gem installation, so moving to a different path is not an option. I suspect that revoking the owner's access rights is not possible either.

...
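The warning above lists every directory on the Passenger root path that a non-root user can change. As an added example (not part of the original post and not Passenger's own code), the following sketch audits a path and all of its ancestors in the same way; the rules it applies (owner must be root, no group or world write bit) and the names `insecure_reason` and `audit_path` are assumptions of this example.

```python
import os
import stat
from pathlib import Path


def insecure_reason(uid, mode):
    """Return why a directory can be changed by a non-root user, or None.

    Assumed rules for this example: the owner must be root (uid 0) and
    neither the group nor the world write bit may be set. Sticky-bit
    directories are still flagged, which is deliberately conservative.
    """
    if uid != 0:
        return f"owned by non-root uid {uid}"
    if mode & stat.S_IWGRP:
        return "group-writable"
    if mode & stat.S_IWOTH:
        return "world-writable"
    return None


def audit_path(path, stat_fn=os.stat):
    """Check `path` and every ancestor up to /.

    A process running as root that loads code from `path` is only as
    safe as the weakest directory above it: whoever can write to any
    ancestor can rename or replace everything below it.
    Returns a list of (directory, reason) tuples, deepest first.
    `stat_fn` is injectable so the logic can be exercised on constructed data.
    """
    findings = []
    start = Path(path)
    for directory in [start, *start.parents]:
        st = stat_fn(directory)
        reason = insecure_reason(st.st_uid, st.st_mode)
        if reason:
            findings.append((str(directory), reason))
    return findings


if __name__ == "__main__":
    import sys

    # Audit the path given on the command line, e.g. the Passenger root
    # printed in the warning; defaults to the current directory.
    target = os.path.abspath(sys.argv[1] if len(sys.argv) > 1 else os.getcwd())
    for directory, reason in audit_path(target):
        print(f" - {directory} is not secure: {reason}")
```

An empty result for the Passenger root means no directory on the path matched the assumed rules.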