You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There is no reason to do chmod 777 on any unix systems ever, except if you actively want to introduce security risks.
The container does not help when the users Data is at stake! Even /tmp is better secured (with chmod 1777) It is absolutely feasible to run the nextcloud with more restrictive permissions.
The text was updated successfully, but these errors were encountered:
zem
changed the title
Insecure permissions within container need to be fixed asap! (please don't do chmod 777)
Insecure permissions within container need to be fixed! (please don't do chmod 777)
Sep 8, 2019
We don't do chmod 777, that's in the upstream base image. Inside the container are only root and www-data present. Both of them have access to the directory anyway.
There is no reason to do chmod 777 on any unix systems ever, except if you actively want to introduce security risks.
The container does not help when the users Data is at stake! Even /tmp is better secured (with chmod 1777) It is absolutely feasible to run the nextcloud with more restrictive permissions.
The Directory I found is /var/www/html:
root@docker1:~/docker_compose_ports/nextcloud# docker exec -t -i b117e7f7bd67 bash root@b117e7f7bd67:/var/www/html# ls -ld . drwxrwxrwx 15 www-data root 4096 Sep 8 00:49 . root@b117e7f7bd67:/var/www/html#
The text was updated successfully, but these errors were encountered: