chrnorm
commented
1 hour ago Thanks for flagging this @jpbelleau, I'm working on a fix for this now
Closed jpbelleau closed 1 hour ago
chrnorm
commented
1 hour ago Thanks for flagging this @jpbelleau, I'm working on a fix for this now
jpbelleau
commented
1 hour ago I have one done and working to open a PR.
chrnorm
commented
1 hour ago Thankyou. My proposed change is to simply revert #751
jpbelleau
commented
1 hour ago I have not sent a change to granted yet and have some setup to do. I found the 2 offending issues and no revert should be needed.
chrnorm
commented
1 hour ago No problems. I've just raised https://github.com/common-fate/granted/pull/755. If you are able to note the offending issues by dropping a comment on the PR that would be great. I am keen to revert here as it looks like the PR inadvertently changed some files from 0600 to 0644 - I think these files can be left as 0600.
jpbelleau
commented
1 hour ago Added PR for the config folder fixes
chrnorm
commented
1 hour ago @jpbelleau this is now released in v0.34.1, thanks again for the report. The release binaries are now building and will be live in the next 10 minutes or so. I ended up merging my PR over yours because I wanted to shift the permissions back to 0600. I marked you as a coauthor on the PR though to highlight your contribution - thankyou so much for your help here.
Some context too on why #751 was implemented at all - @JoshuaWilkes noticed recently that that the ~/.granted/config file was executable on his machine, and the PR was put up as a response to this. Upon reviewing the change though I think that the Josh's ~/.granted/config file may have been made executable outside of Granted, as I was unable to reproduce this myself.
It appears the file permissions for the Granted config directory, when created, are wrong. We saw the change in behavior with the 0.34 release. If fails when running
granted registry add .... Looking at #751, the wrong permissions were used for directory creation.