davmail icon indicating copy to clipboard operation
davmail copied to clipboard

Published 20 hours ago verified publisher icon mguessan

.davmail.properties should be created with 600 permissions

Open rsekman opened this issue 2 years ago • 2 comments

.davmail.properties can contain, in plaintext, proxy passwords an OAuth tokens that should be kept secret. It should not be world-readable. While on Unix-like systems this is easily fixed with chmod 600 this should not be the responsibility of the end-user. davmail should create this file with the appropriate permissions from the start by calling umask().

rsekman avatar Nov 17 '22 13:11 rsekman

Makes sense, now that we dropped support for older java versions we can use nio API. => fix available in trunk, trying to set file readable by user on initial file creation

mguessan avatar Nov 18 '22 17:11 mguessan

Sorry first try had wrong permissions, should be fixed

mguessan avatar Nov 22 '22 14:11 mguessan