Open seejdev opened 1 year ago
This relates to https://github.com/kolide/launcher/issues/1143
.../data
should be private.../conf/secret
isn't very secret, but should be private..../conf/launcher.flags
(or whatever it's called) should not be secret.It's possible some of that should change locations or move to the registry.
The launcher process runs as root/admin and lower privileged users should not be able to read or modify files & directories which are only used by the launcher process.
This includes:
This does not include files which are used by launcher desktop; these should be restricted to the logged-in user.