Skip to content

config: fix access for config and history file #166

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Aug 7, 2025
Merged

config: fix access for config and history file #166

merged 2 commits into from
Aug 7, 2025

Conversation

@shwstppr
Copy link
Contributor

@shwstppr shwstppr commented Aug 4, 2025

Fixes #157

DaanHoogland
DaanHoogland approved these changes Aug 5, 2025
View reviewed changes
Copy link
Contributor

@DaanHoogland DaanHoogland left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

clgtm

DaanHoogland
DaanHoogland reviewed Aug 5, 2025
View reviewed changes
@DaanHoogland DaanHoogland self-requested a review August 5, 2025 13:56
@DaanHoogland
Copy link
Contributor

DaanHoogland commented Aug 5, 2025

works as expected but I want to sugest being a touch more restrictive in the access rights, i.e. no group access.

@DaanHoogland DaanHoogland requested a review from Copilot August 6, 2025 05:34
Copilot AI reviewed Aug 6, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR fixes file access permissions for configuration and history files by setting them to group-private mode (0660). The changes ensure that sensitive configuration data is protected from unauthorized access by restricting permissions.

  • Introduces a new makeFileGroupPrivate function to set file permissions to 0660
  • Applies permission fixes to both config and history files after they are saved
  • Adds conditional permission setting for history files when they exist

@shwstppr
fix
b2929d0 
Signed-off-by: Abhishek Kumar <[email protected]>
@shwstppr shwstppr marked this pull request as ready for review August 6, 2025 12:06
@shwstppr shwstppr added this to the 6.5.0 milestone Aug 6, 2025
@shwstppr shwstppr merged commit 4673829 into apache:main Aug 7, 2025
1 check passed
@shwstppr shwstppr mentioned this pull request Aug 7, 2025
Closed
shwstppr added a commit to shwstppr/cloudstack-cloudmonkey that referenced this pull request Aug 13, 2025
@shwstppr
config: fix access for config and history file (apache#166)
4797c90 
Fixes apache#157

---------

Signed-off-by: Abhishek Kumar <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@rohityadavcloud rohityadavcloud rohityadavcloud approved these changes

@DaanHoogland DaanHoogland DaanHoogland approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

6.5.0

Development

Successfully merging this pull request may close these issues.

apikey and secretkey stored in plain text in (world readable) history file

3 participants

@shwstppr @DaanHoogland @rohityadavcloud