Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove read permission for others on sensible log files #4760

Merged
merged 1 commit into from
Jun 26, 2022
Merged

Remove read permission for others on sensible log files #4760

merged 1 commit into from
Jun 26, 2022

Conversation

yubiuser
Copy link
Member

  • What does this PR aim to accomplish?:

Removed the read permission for others for certain files:

  1. /var/log/pihole/pihole.log(dnsmasq log file)
  2. the debug log

Both files can contain highly sensible data and should not be readable by everyone.

P.S. pihole -t needs sudo powers now, tailing via the web interface still works.

  • What documentation changes (if any) are needed to support this PR?:

Make change visible in the release notes

By submitting this pull request, I confirm the following:

  1. I have read and understood the contributors guide, as well as this entire template. I understand which branch to base my commits and Pull Requests against.
  2. I have commented my proposed changes within the code and I have tested my changes.
  3. I am willing to help maintain this change if there are issues with it later.
  4. It is compatible with the EUPL 1.2 license
  5. I have squashed any insignificant commits. (git rebase)
  • I have read the above and my PR is ready for review. Check this box to confirm

@yubiuser
Remove read permission for others on senible log files
954a0c2 
Signed-off-by: Christian König <ckoenig@posteo.de>
@yubiuser yubiuser requested review from dschaper and a team June 19, 2022 21:22
@yubiuser yubiuser added the PR: Approval Required Open Pull Request, needs approval label Jun 19, 2022
@yubiuser yubiuser mentioned this pull request Jun 19, 2022
Merged
1 task
@yubiuser yubiuser changed the title Remove read permission for others on senible log files Remove read permission for others on sensible log files Jun 20, 2022
dschaper
dschaper approved these changes Jun 25, 2022
View reviewed changes
Copy link
Member

@dschaper dschaper left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could be 660 but comme ci, comme ca...

@yubiuser yubiuser added PR: Approved Open Pull Request, Approved by required number of reviewers and removed PR: Approval Required Open Pull Request, needs approval labels Jun 26, 2022
@yubiuser yubiuser merged commit e02c7ff into development Jun 26, 2022
@yubiuser yubiuser deleted the hands_off branch June 26, 2022 22:27
@pralor-bot
Copy link

This pull request has been mentioned on Pi-hole Userspace. There might be relevant details there:

https://discourse.pi-hole.net/t/pi-hole-ftl-v5-16-web-v5-13-and-core-v5-11-1-released/56384/1

@yubiuser yubiuser mentioned this pull request Sep 19, 2022
Closed
@pralor-bot
Copy link

This pull request has been mentioned on Pi-hole Userspace. There might be relevant details there:

https://discourse.pi-hole.net/t/html-permissions/58272/16

@yubiuser yubiuser mentioned this pull request Aug 4, 2023
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dschaper dschaper dschaper approved these changes

Assignees
No one assigned
Labels
PR: Approved Open Pull Request, Approved by required number of reviewers
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@yubiuser @pralor-bot @dschaper