Bug 264847 - security/vaultwarden: Change file permissions of rc.conf.d/vaultwarden to 0600
Summary: security/vaultwarden: Change file permissions of rc.conf.d/vaultwarden to 0600
Status: Open
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Michael Reifenberger
URL:
Keywords: needs-qa, security
Depends on:
Blocks:
 
Reported: 2022-06-23 12:37 UTC by Mateusz Piotrowski
Modified: 2022-06-23 12:37 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (mr)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Mateusz Piotrowski freebsd_committer 2022-06-23 12:37:35 UTC
Hi,

Would it make sense to change the default permissions for /usr/local/rc.conf.d/vaultwarden* to 0600 so that the file is not world-readable by default? From what I understand, this file can contain sensitive details like admin tokens and passwords.

If it makes sense to you, I can commit a patch to enforce this behavior.

Thanks!