[PR #1842] [CLOSED] Set file permissions for created files #3016

New issue

Closed

opened 2026-03-03 09:09:22 +03:00 by kerem · 0 comments

kerem commented

2026-03-03 09:09:22 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/dani-garcia/vaultwarden/pull/1842
Author: @RealOrangeOne
Created: 7/6/2021
Status: ❌ Closed

Base: main ← Head: file-permissions

📝 Commits (2)

2c0ec4c Use write_file util everywhere
c1dc531 Set file permissions when creating files

📊 Changes

6 files changed (+45 additions, -30 deletions)

View changed files

📝 src/api/core/ciphers.rs (+21 -16)
📝 src/api/core/sends.rs (+3 -0)
📝 src/api/icons.rs (+4 -9)
📝 src/config.rs (+3 -4)
📝 src/main.rs (+3 -1)
📝 src/util.rs (+11 -0)

📄 Description

Fixes https://github.com/dani-garcia/vaultwarden/discussions/1784

This isn't a full audit of all places files are created, but it covers most. Intentionally not set them on the image cache, as they're not sensitive.

It only works on unix, because that's the only place permissions like this work. It should work fine under docker even if docker isn't run on unix.

This also reuses the existing write_file util in a few places which custom implemented it.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/dani-garcia/vaultwarden/pull/1842 **Author:** [@RealOrangeOne](https://github.com/RealOrangeOne) **Created:** 7/6/2021 **Status:** ❌ Closed **Base:** `main` ← **Head:** `file-permissions` --- ### 📝 Commits (2) - [`2c0ec4c`](https://github.com/dani-garcia/vaultwarden/commit/2c0ec4cdd3aea450de58b0592db43e0a94c360fd) Use `write_file` util everywhere - [`c1dc531`](https://github.com/dani-garcia/vaultwarden/commit/c1dc5313171a81097e1783ba63e208282665b398) Set file permissions when creating files ### 📊 Changes **6 files changed** (+45 additions, -30 deletions) <details> <summary>View changed files</summary> 📝 `src/api/core/ciphers.rs` (+21 -16) 📝 `src/api/core/sends.rs` (+3 -0) 📝 `src/api/icons.rs` (+4 -9) 📝 `src/config.rs` (+3 -4) 📝 `src/main.rs` (+3 -1) 📝 `src/util.rs` (+11 -0) </details> ### 📄 Description Fixes https://github.com/dani-garcia/vaultwarden/discussions/1784 This isn't a full audit of all places files are created, but it covers most. Intentionally not set them on the image cache, as they're not sensitive. It only works on unix, because that's the only place permissions like this work. It should work fine under docker even if docker isn't run on unix. This also reuses the existing `write_file` util in a few places which custom implemented it. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>