Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Docker Container Filesystem Permissions: Synapse shouldn't be able to modify its own executable #10726

Open
zem opened this issue Aug 31, 2021 · 0 comments
Open

Docker Container Filesystem Permissions: Synapse shouldn't be able to modify its own executable #10726

zem opened this issue Aug 31, 2021 · 0 comments
Labels
A-Docker Docker images, or making it easier to run Synapse in a container. T-Enhancement New features, changes in functionality, improvements in performance, or user-facing enhancements.

Comments

@zem
Copy link

zem commented Aug 31, 2021 

[root@application1 merged]# find . -perm /o=w -type f 
./conf/homeserver.yaml
./conf/log.config
./start.py

Placing files on unix that are writeable by "others" can cause severe security issues. A secure application should not be able to modify its own executables.
@reivilibre reivilibre changed the title Please fix unsafe permissions in docker container Docker Container Filesystem Permissions: Synapse shouldn't be able to modify its own executable Aug 31, 2021
@reivilibre reivilibre added T-Enhancement New features, changes in functionality, improvements in performance, or user-facing enhancements. A-Docker Docker images, or making it easier to run Synapse in a container. labels Sep 1, 2021
@matrixbot matrixbot mentioned this issue Dec 21, 2023
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
A-Docker Docker images, or making it easier to run Synapse in a container. T-Enhancement New features, changes in functionality, improvements in performance, or user-facing enhancements.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@zem @reivilibre