Skip to content
This repository has been archived by the owner on Jan 10, 2023. It is now read-only.

umask warning when restarting (in vagrant ubuntu1404) #92

Closed
patcon opened this issue Jun 19, 2015 · 4 comments
Closed

umask warning when restarting (in vagrant ubuntu1404) #92

patcon opened this issue Jun 19, 2015 · 4 comments
Labels
bug

Comments

@patcon
Copy link
Collaborator

patcon commented Jun 19, 2015 

Stash is being run with a umask that contains potentially unsafe settings.
The following issues were found with the mask "u=rwx,g=rwx,o=rx" (0002):
 - access is allowed to 'others'. It is recommended that 'others' be denied
   all access for security reasons.
 - write access is allowed to 'group'. It is recommend that 'group' be
   denied write access. Read access to a restricted group is recommended
   to allow access to the logs.

The recommended umask for Stash is "u=,g=w,o=rwx" (0027) and can be
configured in setenv.sh

Uncommenting the umask setting in setenv.sh as recommended seems to suppressed the error, but perhaps we should do it at user level?
@patcon
Copy link
Collaborator Author

patcon commented Jun 19, 2015

Yeah, seems the global value is set in login.defs, but that's rather presumptuous, so perhaps setenv.sh is the place. Thoughts?

@linc01n linc01n added the bug label Jun 20, 2015
@linc01n
Copy link
Collaborator

linc01n commented Jun 20, 2015

Confirmed. The new setenv.sh is checking umask value while the previous version is missing this check.

@linc01n linc01n mentioned this issue Jun 20, 2015
Merged
@patcon
Copy link
Collaborator Author

patcon commented Jun 20, 2015

👍 thanks!

@linc01n
Copy link
Collaborator

linc01n commented Jun 20, 2015

Thanks for reporting ❗

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@patcon @linc01n