cntr icon indicating copy to clipboard operation
cntr copied to clipboard

Published 20 hours ago verified publisher icon Mic92

cntr exec fails with umask set to 077

Open JustWhateverIOnlyWantBetterCodeView opened this issue 1 year ago • 0 comments

To reproduce run umask 077 in your shell and then attach to any container running non-root user inside. After that try to run cntr exec. It fails, because /.cntr/pid file was created with permissions 600 and is not readable.

I've tested with zsh and bash.

Also with umask set to 000 the pid file is created with permissions 666 which means it's writable by anyone, which could potentially be a security issue?

To fix this the correct permissions should be set when this file is created: https://github.com/Mic92/cntr/blob/43f88bff06da2dbcea206405a8b393ea65bb32b1/src/dotcntr.rs#L26-L37

JustWhateverIOnlyWantBetterCodeView avatar Oct 17 '23 16:10 JustWhateverIOnlyWantBetterCodeView