atomaka
commented
10 years ago I'm certainly willing to have this reviewed. However, it should be noted that this isn't something that is out of the ordinary. On default Debian/Ubuntu installs, the permissions of a user created with the --create-home flag are 755. And though I haven't done a RHEL/CentOS install of GitLab in a long time, I believe the default 700 user permissions was one of the issues behind the install. Since there suggested solution is to use the omnibus install, I imagine that this issue persists.
We need to seriously review file permissions here. We have ownership set right, but I was looking at my Gitlab home directory, and it's almost all readable by other, which isn't ideal. The Gitlab installation guide lists some permissions; however, I'm asking Gitlab for a lowdown of proper secure file permissions.