Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

i2pd: restrict /etc/i2pd permissions #42409

Merged
merged 1 commit into from
May 25, 2023
Merged

i2pd: restrict /etc/i2pd permissions #42409

merged 1 commit into from
May 25, 2023

Conversation

steinex
Copy link
Contributor

@steinex steinex commented Feb 23, 2023

It's not a good idea to have /etc/i2pd/*.conf world-readable since it may contain sensitive information

Testing the changes

  • I tested the changes in this PR: YES

@Duncaen
Copy link
Member

Duncaen commented Mar 5, 2023
edited
Loading

This and #42408 should probably not make the directory writable by the less privileged user.
Keep the directory owned by root and only add the group of the less privileged user with read permissions, like /etc/i2pd 0750 root _i2pd.

Also indention with a single space instead of tabs.

@steinex
Copy link
Contributor Author

steinex commented Mar 6, 2023

Fixed here and in #42408, thanks!

@steinex steinex mentioned this pull request Mar 6, 2023
Merged
@steinex
i2pd: restrict /etc/i2pd permissions
49f7337 
It's not a good idea to have /etc/i2pd/*.conf world-readable since
it may contain sensitive information.
@Duncaen Duncaen merged commit 82b6c49 into void-linux:master May 25, 2023
Duncaen added a commit that referenced this pull request May 25, 2023
@Duncaen
i2pd: revbump for #42409
bdf3073
atweiden added a commit to atweiden/voidpkgs that referenced this pull request May 26, 2023
@atweiden
i2pd: revbump for void-linux/void-packages#42409
566c584 
void-linux/void-packages@bdf3073
sirkhancision pushed a commit to sirkhancision/void-packages that referenced this pull request Jun 10, 2023
@Duncaen @sirkhancision
i2pd: revbump for void-linux#42409
0aa3eb3
sirkhancision pushed a commit to sirkhancision/void-packages that referenced this pull request Jun 12, 2023
@Duncaen @sirkhancision
i2pd: revbump for void-linux#42409
fe5566b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@steinex @Duncaen