openj9-docs icon indicating copy to clipboard operation
openj9-docs copied to clipboard

Published 20 hours ago verified publisher icon eclipse-openj9

Securing the Attach API enhancement - prevent a user from interfering the AttachAPI via file permission modification

Open JasonFengJ9 opened this issue 1 year ago • 1 comments

Subject: https://eclipse.dev/openj9/docs/attachapi/

Suggestion:

_In the default Attach API directory you can find certain files that start with an underscore *, which are involved in synchronization. These files can be owned by any user but must have read and write permissions set. The files are empty and are automatically re-created if deleted. is changed to _In the default Attach API directory you can find certain files that start with an underscore *, which are involved in synchronization. By default these files can be owned by any user but must have read and write permissions set. The files are empty and are automatically re-created if deleted. To prevent a user from interfering the AttachAPI via file permission modification, root can be set as the folder/files owner to protect the file permissions.

JasonFengJ9 avatar Mar 21 '24 19:03 JasonFengJ9

@paulcheeseman fyi

pshipton avatar Mar 21 '24 19:03 pshipton