Skip to content

Commit

Permalink
Merge pull request #818 from pjbgf/fs-perms
Browse files Browse the repository at this point in the history 
Decrease fs perms to 0o700
  • Loading branch information
Paulo Gomes authored Jul 7, 2022
2 parents 0219905 + 60e46d1 commit 22c9e2e
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 6 deletions.
4 changes: 2 additions & 2 deletions controllers/storage.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,7 @@ func (s Storage) SetHostname(URL string) string {
// MkdirAll calls os.MkdirAll for the given v1beta1.Artifact base dir.
func (s *Storage) MkdirAll(artifact sourcev1.Artifact) error {
dir := filepath.Dir(s.LocalPath(artifact))
return os.MkdirAll(dir, 0o770)
return os.MkdirAll(dir, 0o700)
}

// RemoveAll calls os.RemoveAll for the given v1beta1.Artifact base dir.
Expand Down Expand Up @@ -432,7 +432,7 @@ func (s *Storage) Archive(artifact *sourcev1.Artifact, dir string, filter Archiv
return err
}

if err := os.Chmod(tmpName, 0o640); err != nil {
if err := os.Chmod(tmpName, 0o600); err != nil {
return err
}

Expand Down
2 changes: 1 addition & 1 deletion main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -342,7 +342,7 @@ func mustInitStorage(path string, storageAdvAddr string, artifactRetentionTTL ti
if path == "" {
p, _ := os.Getwd()
path = filepath.Join(p, "bin")
os.MkdirAll(path, 0o770)
os.MkdirAll(path, 0o700)
}

storage, err := controllers.NewStorage(path, storageAdvAddr, artifactRetentionTTL, artifactRetentionRecords)
Expand Down
6 changes: 3 additions & 3 deletions tests/fuzz/gitrepository_fuzzer.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -120,7 +120,7 @@ func ensureDependencies() error {
// Output all embedded testdata files
embedDirs := []string{"testdata/crd", "testdata/certs"}
for _, dir := range embedDirs {
err := os.MkdirAll(dir, 0o750)
err := os.MkdirAll(dir, 0o700)
if err != nil {
return fmt.Errorf("mkdir %s: %v", dir, err)
}
Expand All @@ -139,7 +139,7 @@ func ensureDependencies() error {
return fmt.Errorf("reading embedded file %s: %v", fileName, err)
}

os.WriteFile(fileName, data, 0o640)
os.WriteFile(fileName, data, 0o600)
if err != nil {
return fmt.Errorf("writing %s: %v", fileName, err)
}
Expand Down Expand Up @@ -494,7 +494,7 @@ func createRandomFiles(f *fuzz.ConsumeFuzzer, fs billy.Filesystem, wt *git.Workt
return errors.New("Dir contains '..'")
}

err = fs.MkdirAll(dirPath, 0o770)
err = fs.MkdirAll(dirPath, 0o700)
if err != nil {
return errors.New("Could not create the subDir")
}
Expand Down

0 comments on commit 22c9e2e

Please sign in to comment.