Review Drupal site directory permissions
Some directories exist that have 777 permissions.
Example: The “core” Drupal directory has things as follows drwxrwxrwx 22 nginx nginx 704 Jul 23 17:53 includes
In general the “nginx” user should not have ownership of all Drupal directories. Currently this is being set in the Dockerfile. The web user generally should only have write access to the public and private files directories.
Review Drupal site directory permissions Some directories exist that have 777 permissions. Example: The “core” Drupal directory has things as follows drwxrwxrwx 22 nginx nginx 704 Jul 23 17:53 includes
In general the “nginx” user should not have ownership of all Drupal directories. Currently this is being set in the Dockerfile. The web user generally should only have write access to the public and private files directories.