Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use least permissive file mode #820

Closed
shreyas-s-rao opened this issue Dec 26, 2024 · 0 comments · Fixed by #821
Closed

Use least permissive file mode #820

shreyas-s-rao opened this issue Dec 26, 2024 · 0 comments · Fixed by #821
Assignees
@shreyas-s-rao
Labels
area/compliance Compliance related area/security Security related kind/enhancement Enhancement, improvement, extension status/closed Issue is closed (either delivered or triaged)
Milestone
v0.33.0

Comments

@shreyas-s-rao
Copy link
Collaborator

Feature (What you would like to be added):

  • Change file mode of safe_guard file to 0600
  • Set umask to 0077 for the etcdbrctl process to prevent temp files from being created with any mode greater than 0600

Motivation (Why is this needed?):
To use least permissive file mode for files created/managed by etcd-backup-restore.
@shreyas-s-rao shreyas-s-rao added the kind/enhancement Enhancement, improvement, extension label Dec 26, 2024
@shreyas-s-rao shreyas-s-rao added this to the v0.33.0 milestone Dec 26, 2024
@shreyas-s-rao shreyas-s-rao self-assigned this Dec 26, 2024
@shreyas-s-rao shreyas-s-rao added area/security Security related area/compliance Compliance related labels Dec 26, 2024
@shreyas-s-rao shreyas-s-rao mentioned this issue Dec 26, 2024
Merged
4 tasks
@gardener-robot gardener-robot added the status/closed Issue is closed (either delivered or triaged) label Dec 30, 2024
@shreyas-s-rao shreyas-s-rao mentioned this issue Jan 15, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@shreyas-s-rao shreyas-s-rao

Labels
area/compliance Compliance related area/security Security related kind/enhancement Enhancement, improvement, extension status/closed Issue is closed (either delivered or triaged)
Projects
None yet
Milestone
v0.33.0
2 participants
@shreyas-s-rao @gardener-robot