Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Keep file permissions during database migration #5707

Merged
merged 1 commit into from
Jan 12, 2019
Merged

Keep file permissions during database migration #5707

merged 1 commit into from
Jan 12, 2019

Conversation

apricote
Copy link
Contributor

PR #5290 added auto-migration to the docker entrypoint. It introduced a small security issue, by changing the file permissions of the app.ini to 644 (read permissions for all users). The the app.ini contains multiple credentials (smtp, database).

Either the user should be reponsible for appropriate file permissions, or the file permissions should be changed so that only the user can read this file (600).

This PR removes the file permission change, so the user is responsible for that. I can change it to setting secure permissions if requested.

@codecov-io
Copy link

Codecov Report

Merging #5707 into master will decrease coverage by <.01%.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #5707      +/-   ##
==========================================
- Coverage   37.77%   37.76%   -0.01%     
==========================================
  Files         323      323              
  Lines       47595    47595              
==========================================
- Hits        17977    17975       -2     
- Misses      27029    27031       +2     
  Partials     2589     2589
Impacted Files Coverage Δ
models/repo_list.go 63.29% <0%> (-1.27%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update abb364f...c1d4450. Read the comment docs.

@bkcsoft bkcsoft added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Jan 12, 2019
@lunny lunny added the type/bug label Jan 12, 2019
@lunny lunny added this to the 1.8.0 milestone Jan 12, 2019
@bkcsoft bkcsoft added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Jan 12, 2019
zeripath
zeripath approved these changes Jan 12, 2019
View reviewed changes
Copy link
Contributor

@zeripath zeripath left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry I missed this on the earlier PR

@bkcsoft bkcsoft added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Jan 12, 2019
@techknowlogick techknowlogick merged commit f59bfe8 into go-gitea:master Jan 12, 2019
@go-gitea go-gitea locked and limited conversation to collaborators Nov 24, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@zeripath zeripath zeripath approved these changes

@lunny lunny lunny approved these changes

Assignees
No one assigned
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. type/bug
Projects
None yet
Milestone
1.8.0
Development

Successfully merging this pull request may close these issues.
6 participants
@apricote @codecov-io @lunny @zeripath @techknowlogick @bkcsoft