[Bug 264847] security/vaultwarden: Change file permissions of rc.conf.d/vaultwarden to 0600
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 23 Jun 2022 12:37:35 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=264847 Bug ID: 264847 Summary: security/vaultwarden: Change file permissions of rc.conf.d/vaultwarden to 0600 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: mr@FreeBSD.org Reporter: 0mp@FreeBSD.org Flags: maintainer-feedback?(mr@FreeBSD.org) Assignee: mr@FreeBSD.org Hi, Would it make sense to change the default permissions for /usr/local/rc.conf.d/vaultwarden* to 0600 so that the file is not world-readable by default? From what I understand, this file can contain sensitive details like admin tokens and passwords. If it makes sense to you, I can commit a patch to enforce this behavior. Thanks! -- You are receiving this mail because: You are the assignee for the bug.