Closed stephdl closed 3 months ago
QA
test case 1
install ns8-mariadb 1.0.9-dev.2
check permission of ~.config/state/secrets/passwords.secret
it should be 400
test case 2
upgrade ns8-mariadb 1.0.9-dev.2
check permission of ~.config/state/secrets/passwords.secret
it should be 400
verified and released ghcr.io/nethserver/mariadb:1.0.9
Steps to reproduce
Expected behavior
users cannot browse files of other users but I expect permission more restrictive for this secrets file
Actual behavior
I have a 755 permissions on
/home/mariadb2/.config/state/secrets/passwords.secret
, howevermariadb1
is not able to browse file of another unix usermariadb2
Components
ns8-mariadb 1.0.8