Date: Thu, 23 Jun 2022 12:37:35 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 264847] security/vaultwarden: Change file permissions of rc.conf.d/vaultwarden to 0600 Message-ID: <bug-264847-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D264847 Bug ID: 264847 Summary: security/vaultwarden: Change file permissions of rc.conf.d/vaultwarden to 0600 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: mr@FreeBSD.org Reporter: 0mp@FreeBSD.org Flags: maintainer-feedback?(mr@FreeBSD.org) Assignee: mr@FreeBSD.org Hi, Would it make sense to change the default permissions for /usr/local/rc.conf.d/vaultwarden* to 0600 so that the file is not world-readable by default? From what I understand, this file can contain sensitive details like admin tokens and passwords. If it makes sense to you, I can commit a patch to enforce this behavior. Thanks! --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-264847-7788>