starred/pictshare
1
0
Fork 0
mirror of https://github.com/HaschekSolutions/pictshare.git synced 2026-04-25 23:15:51 +03:00
Code Issues 34 Projects Releases Packages Wiki Activity

[GH-ISSUE #121] File permissions and ownership #94

New issue
Closed
opened 2026-02-25 23:40:40 +03:00 by kerem · 1 comment
kerem commented 2026-02-25 23:40:40 +03:00
Owner
Copy link

Originally created by @Nutomic on GitHub (Jun 5, 2020).
Original GitHub issue: https://github.com/HaschekSolutions/pictshare/issues/121

It looks like all pictshare images are world writable and executable. And they are owned by systemd-network for some reason. That looks extremely bad for security.

$ ls -la volumes/pictshare/
drwxrwxrwx    2 systemd-network systemd-journal   4096 Jun  3 19:57 008jwy.jpg
Originally created by @Nutomic on GitHub (Jun 5, 2020). Original GitHub issue: https://github.com/HaschekSolutions/pictshare/issues/121 It looks like all pictshare images are world writable and executable. And they are owned by `systemd-network` for some reason. That looks extremely bad for security. ``` $ ls -la volumes/pictshare/ drwxrwxrwx 2 systemd-network systemd-journal 4096 Jun 3 19:57 008jwy.jpg ```
kerem closed this issue 2026-02-25 23:40:40 +03:00
kerem commented 2026-02-25 23:40:40 +03:00
Author
Owner
Copy link

@geek-at commented on GitHub (Jun 5, 2020):

it's not owned by systemd. The docker container doesn't even have systemd. What you are seeing as "systemd" is just what your computer names the group number (groups in linux are identified via numbers not names). The container is running it as "nginx"

confirm using: docker exec -it pictshare ls -al data/

But yes the permissions might be too open since I had many weeks of troubles with nginx and docker not being allowed to save to directories or read files. You're welcome to add pull request on the docker side of things because it seems to be over my head

<!-- gh-comment-id:639612910 --> @geek-at commented on GitHub (Jun 5, 2020): it's not owned by systemd. The docker container doesn't even have systemd. What you are seeing as "systemd" is just what your computer names the group number (groups in linux are identified via numbers not names). The container is running it as "nginx" confirm using: `docker exec -it pictshare ls -al data/` But yes the permissions might be too open since I had many weeks of troubles with nginx and docker not being allowed to save to directories or read files. You're welcome to add pull request on the docker side of things because it seems to be over my head
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
dependabot/composer/src/lib/phpunit/phpunit-12.5.22
v3
v2
v3.0.7
v3.0.6
v3.0.5
v3.0.4
v3.0.3
v3.0.2
v3.0.1
v3.0.0
v2.0.3
v2.0.2
v2.0.1
v2.0.0
1.5
v1.1
1.0
Labels
Clear labels   
Feature request

   
Feature request

   
bug

   
cant reproduce

   
enhancement

   
help wanted

   
pull-request

Mirrored from GitHub Pull Request

  
wontfix
No labels
Feature request
Feature request
bug
cant reproduce
enhancement
help wanted
pull-request
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/pictshare#94
No description provided.