s3gw icon indicating copy to clipboard operation
s3gw copied to clipboard

Published 20 hours ago verified publisher icon s3gw-tech

[BUG] rgw/sfs: s3gw.db is created world readable

Open tserong opened this issue 2 years ago • 2 comments

The sqlite database is created with mode 644, so is world readable. It should probably be created with mode 640, to avoid random unprivileged users being able to read it.

tserong avatar Oct 28 '22 06:10 tserong

Same goes for all the data files - they're world readable too.

tserong avatar Oct 28 '22 08:10 tserong

I have the feeling this is not necessarily a big problem when deploying in a container, so not a particular priority for LH 1.6 / v0.23.0. But we should still address it asap.

jecluis avatar Oct 19 '23 06:10 jecluis