Details
Bug
Resolution: Fixed
Minor
0.19
None
Description
The bitrepository-reference-pillar-${version}-distribution.zip archive has its default permissions set to:
.: 777 (should be 755)
lib/: 777 (should be 755)
bin/: 740 (should be 750 or 755)
bin/*: 740 (should be 750 or 755)
conf/: 740 (should probably be 750)
conf/*: 740 (should be 600 for sensitive files such as private keys and 640 or 644 for nonsensitive files such as SQL scripts)
This is a security risk since it allows any user to e.g. replace the jar-files that are executed by the pillar.
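A check for the condition described in this ticket, as an added example that is not part of the original report or the project's code: it reads the Unix mode stored in each zip entry and reports any permission bits beyond the ceilings listed above. The entry names, the sensitive-file suffixes and the sample archive are constructed assumptions. It reports only excess bits, so a mode that is merely too restrictive (such as 740 on bin/) is not flagged.

```python
import io
import stat
import zipfile

# Ceilings follow the ticket's "should be" values; the sensitive-file
# suffixes are an assumption of this example.
SENSITIVE_SUFFIXES = (".pem", ".key", ".jks")

def ceiling(name: str) -> int:
    """Most permissive mode the ticket allows for an archive entry."""
    if name.startswith("conf/"):
        if name.endswith("/"):
            return 0o750
        return 0o600 if name.endswith(SENSITIVE_SUFFIXES) else 0o644
    return 0o755  # top level, lib/ and bin/

def audit(zf: zipfile.ZipFile) -> dict:
    """Map entry name -> permission bits set beyond its ceiling."""
    findings = {}
    for info in zf.infolist():
        # The Unix mode is stored in the high 16 bits of external_attr.
        mode = stat.S_IMODE(info.external_attr >> 16)
        if mode == 0:
            continue  # archive written without Unix mode information
        excess = mode & ~ceiling(info.filename)
        if excess:
            findings[info.filename] = excess
    return findings

def build_sample() -> zipfile.ZipFile:
    """Constructed archive reproducing the modes listed in the ticket."""
    entries = {"lib/": 0o777, "lib/pillar.jar": 0o644, "bin/start.sh": 0o740,
               "conf/": 0o740, "conf/client.pem": 0o740, "conf/schema.sql": 0o740}
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, mode in entries.items():
            info = zipfile.ZipInfo(name)
            info.create_system = 3  # mark as Unix so the mode is meaningful
            kind = stat.S_IFDIR if name.endswith("/") else stat.S_IFREG
            info.external_attr = (kind | mode) << 16
            zf.writestr(info, b"")
    return zipfile.ZipFile(buf)

if __name__ == "__main__":
    for name, excess in audit(build_sample()).items():
        writable = " (group/world-writable)" if excess & 0o022 else ""
        print(f"{name}: excess bits {excess:03o}{writable}")
```

Running `audit` on the release archive in a build step fails fast if a 777 directory is packaged again.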