fix: require user configuration files to only have 600 permissions (!1535) · Merge requests · GitLab.org / cli

Gary Holtz requested to merge 7494-require-user-configuration-files-to-only-have-the-read-and-write-user-permission-bits-set into main Jun 11, 2024

Description

As per #7494 (closed), it's possible that SSH configuration files are modifiable by anyone which can be considered unsafe (but not necessarily vulnerable). To harden the security of the GitLab CLI, the permissions of the files should be checked to ensure that they only the read and write permissions for user set.

Related Issues

Resolves #7494 (closed)

How to test?

In a terminal, chmod 755 ~/.ssh/config
Run glab status from this branch
Confirm error message exists
Set ~/.ssh/config back to 600

Screenshots (if appropriate):

Types of changes

Bug fix (non-breaking change which fixes an issue)
New feature (non-breaking change which adds functionality)
Breaking change (fix or feature that would cause existing functionality to change)
Documentation
Chore (Related to CI or Packaging to platforms)
Test gap

Closes #7494 (closed)

Edited Jun 12, 2024 by Gary Holtz

fix: require user configuration files to only have 600 permissions

Description

Related Issues

How to test?

Screenshots (if appropriate):

Types of changes

Merge request reports