mirror of
				https://github.com/dani-garcia/vaultwarden.git
				synced 2025-10-26 00:30:40 +03:00 
			
		
		
		
	Allow custom umask setting (#4896)
To provide a way to add more security regarding file/folder permissions this PR adds a way to allow setting a custom `UMASK` variable. This allows people to set a more secure default like only allowing the owner the the process/container to read/write files and folders. Examples: - `UMASK=022` File: 644 | Folder: 755 (Default of the containers) This means Owner read/write and group/world read-only - `UMASK=027` File: 640 | Folder: 750 This means Owner read/write, group read-only, world no access - `UMASK=077` File: 600 | Folder: 700 This measn Owner read/write and group/world no access resolves #4571 Signed-off-by: BlackDex <black.dex@gmail.com>
This commit is contained in:
		
				
					committed by
					
						 GitHub
						GitHub
					
				
			
			
				
	
			
			
			
						parent
						
							2b824e8096
						
					
				
				
					commit
					92f1530e96
				
			| @@ -1,5 +1,9 @@ | ||||
| #!/bin/sh | ||||
|  | ||||
| if [ -n "${UMASK}" ]; then | ||||
|     umask "${UMASK}" | ||||
| fi | ||||
|  | ||||
| if [ -r /etc/vaultwarden.sh ]; then | ||||
|     . /etc/vaultwarden.sh | ||||
| elif [ -r /etc/bitwarden_rs.sh ]; then | ||||
|   | ||||
		Reference in New Issue
	
	Block a user