search

wurmlab / genevalidatorapp

A web wrapper for GeneValidator
GNU Affero General Public License v3.0
11 stars 3 forks source link

Non-executable files set with executable permissions #27

Closed mensfeld closed 3 years ago

mensfeld commented 3 years ago

Hey there,

My name is Maciej Mensfeld and I run a security research project https://diffend.io

While reviewing the source code of genevalidatorapp I've noticed, that several files in the data/public/web_files directory have executable permissions while not being an executables.

For example:

public/web_files/fonts/fontawesome-webfont.woff
public/web_files/fonts/fontawesome-webfont.ttf
public/web_files/fonts/fontawesome-webfont.svg
public/web_files/img/gene.png

is that something intended? If so, I would appreciate an explanation as I often find it a bug.

Thank you :pray:

IsmailM commented 3 years ago

Thanks - this should now be fixed