lifecycle icon indicating copy to clipboard operation
lifecycle copied to clipboard

Published 20 hours ago verified publisher icon buildpacks

SGID on the /layers directory

Open tylerphelan opened this issue 3 years ago • 1 comments

Description

When run in kubernetes, the layers dir gets the SGID bit set. Would the lifecycle ever be interested in removing this bit? Users were a little concerned seeing this bit set in images.

Proposed solution

Have the lifecycle remove the sgid from the layers dir

Describe alternatives you've considered

Don't do anything as it may not be a big risk

Additional context

kpack issue: https://github.com/pivotal/kpack/issues/1016

tylerphelan avatar Oct 19 '22 19:10 tylerphelan

@tylerphelan thanks for raising this - it seems reasonable for the lifecycle to remove this bit, but as this introduces a change in behavior it could benefit from an RFC. Would you be amenable to raising this? We could scope it to the team level to hopefully move it through faster.

natalieparellano avatar Nov 08 '22 17:11 natalieparellano