Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

custom file and dir permission (#164) #168

Open
wants to merge 1 commit into
base: v2.0
Choose a base branch
from
Open

custom file and dir permission (#164) #168

wants to merge 1 commit into from
+33 −6

Conversation

counten
Copy link

@counten counten commented Oct 3, 2022

No description provided.

@jedisct1 jedisct1 mentioned this pull request Feb 25, 2023
Closed
@jedisct1
Copy link

Any hope to see that PR merged?

@schmidtw schmidtw mentioned this pull request Mar 29, 2023
Open
@djarbz
Copy link

djarbz commented Mar 31, 2023

Please merge this!

@counten
Copy link
Author

counten commented Apr 22, 2023

allow user to custom file permission , use default if not configured。 I think this is better for users @natefinch

@jedisct1
Copy link

Yes the current behavior is not great.

@fissssssh
Copy link

fissssssh commented May 10, 2023
edited
Loading

I think using the same permission (0755) as the parent folder could also be feasible.

@fissssssh
Copy link

fissssssh commented May 10, 2023
edited
Loading

When working with sidecar to collect logs in Kubernetes, this issue becomes quite visible. @jedisct1

@djarbz
Copy link

djarbz commented May 10, 2023

I think using the same permission (0755) as the parent folder could also be feasible.

0644 would be more appropriate for files, we don't need to be able to execute log files.

@fissssssh
Copy link

fissssssh commented May 10, 2023
edited
Loading

I think using the same permission (0755) as the parent folder could also be feasible.

0644 would be more appropriate for files, we don't need to be able to execute log files.

Yes, changing the file permission to 0644 is sufficient and there is no need to customize the permission further.

#186

@djarbz
Copy link

djarbz commented May 10, 2023

I think using the same permission (0755) as the parent folder could also be feasible.

0644 would be more appropriate for files, we don't need to be able to execute log files.

Yes, changing the file permission to 0644 is sufficient and there is no need to customize the permission further.

#186

I would disagree, having the ability to have restrictive or open permissions on log files is very important in a security sense.
I would prefer this PR over yours.

@francislavoie francislavoie mentioned this pull request Jun 26, 2023
Closed
@counten
Copy link
Author

counten commented Jul 1, 2023

I think using the same permission (0755) as the parent folder could also be feasible.

0644 would be more appropriate for files, we don't need to be able to execute log files.

Yes, changing the file permission to 0644 is sufficient and there is no need to customize the permission further.
#186

I would disagree, having the ability to have restrictive or open permissions on log files is very important in a security sense. I would prefer this PR over yours.

Strict file permissions meet security requirements. Hope to be merged.

@mohamedtaher567
Copy link

mohamedtaher567 commented Aug 27, 2023
edited
Loading

Is there any hope for this to be merged? Or even reviewed by the owners. So that it could eventually be merged.

@Kaspiman Kaspiman mentioned this pull request Sep 5, 2023
Closed
1 task
@bnpfeife
Copy link

+1

I would also like this merged. I think that a library forcing permissions should be a "last resort" option. I totally understand why gpg and ssh do it, but it makes little to no sense for logs. The authors of this library don't have context for which the logs are being used. Having a strict default is fine as long as it is configurable (as it is with this PR).

@zwh8800
Copy link

zwh8800 commented Oct 17, 2024

please merge this!

@rohan-rayaraddi
Copy link

@natefinch please merge this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@counten @jedisct1 @djarbz @fissssssh @mohamedtaher567 @bnpfeife @zwh8800 @rohan-rayaraddi