This repository has been archived by the owner on Jul 26, 2024. It is now read-only.

Security: only chown state directories to etherpad::user #88

Open

igalic opened this issue Aug 22, 2019 · 0 comments

Contributor

igalic commented Aug 22, 2019

Currently, the entire application directory belongs etherpad::user
This seems unnecessary. We should chown the "state" directories.

The only problem then is the APIKEY.txt and SESSIONKEY.txt, which are created on the first run: ether/etherpad-lite#3317

The text was updated successfully, but these errors were encountered:

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.