This repository has been archived by the owner on Apr 26, 2024. It is now read-only.
Debian package: sqlite db, media and logs are world-readable by default #10008
Labels
A-Packaging
Our Debian packages, docker images; or issues relevant to downstream packagers
good first issue
Good for newcomers
Security
T-Task
Refactoring, removal, replacement, enabling or disabling functionality, other engineering tasks.
Comments
erikjohnston
added
Security
T-Task
richvdh
added
A-Packaging
|
I think this is a dup of #2955 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
The following files and directories are world-readable by default:
All of these contain sensitive user information and should not be world-readable!
Installation package: matrix-synapse-py3 from packages.matrix.org
Synapse version:
{"server_version":"1.33.2","python_version":"3.7.3"}OS: Debian 10
Related issues:
homeserver.yamlis world-readable #6364 (permissions of homeserver.yaml)--generate-keyscreates world readable private key (SYN-671) #1528 (permissions of private key)The text was updated successfully, but these errors were encountered: