Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Insecure permissions within container need to be fixed! (please don't do chmod 777) #858

Closed
zem opened this issue Sep 8, 2019 · 1 comment
Closed

Insecure permissions within container need to be fixed! (please don't do chmod 777) #858

zem opened this issue Sep 8, 2019 · 1 comment

Comments

@zem
Copy link

zem commented Sep 8, 2019

There is no reason to do chmod 777 on any unix systems ever, except if you actively want to introduce security risks.

The container does not help when the users Data is at stake! Even /tmp is better secured (with chmod 1777) It is absolutely feasible to run the nextcloud with more restrictive permissions.

The Directory I found is /var/www/html:

root@docker1:~/docker_compose_ports/nextcloud# docker exec -t -i b117e7f7bd67 bash root@b117e7f7bd67:/var/www/html# ls -ld . drwxrwxrwx 15 www-data root 4096 Sep 8 00:49 . root@b117e7f7bd67:/var/www/html#

@zem zem changed the title Insecure permissions within container need to be fixed asap! (please don't do chmod 777) Insecure permissions within container need to be fixed! (please don't do chmod 777) Sep 8, 2019
@J0WI
Copy link
Contributor

J0WI commented Nov 3, 2019

We don't do chmod 777, that's in the upstream base image. Inside the container are only root and www-data present. Both of them have access to the directory anyway.

@J0WI J0WI closed this as completed Nov 3, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@zem @J0WI