fix: require user configuration files to only have 600 permissions
requested to merge 7494-require-user-configuration-files-to-only-have-the-read-and-write-user-permission-bits-set into main
Description
As per #7494 (closed), it's possible that SSH configuration files are modifiable by anyone, which can be considered unsafe (but not necessarily vulnerable). To harden the security of the GitLab CLI, the permissions of the files should be checked to ensure that they only have the read and write permissions for user set.
Related Issues
Resolves #7494 (closed)
How to test?
- In a terminal, chmod 755 ~/.ssh/config
- Run glab status from this branch
- Confirm error message exists
- Set ~/.ssh/config back to 600
Screenshots (if appropriate):
Types of changes
- Bug fix (non-breaking change which fixes an issue)
- New feature (non-breaking change which adds functionality)
- Breaking change (fix or feature that would cause existing functionality to change)
- Documentation
- Chore (Related to CI or Packaging to platforms)
- Test gap
Closes #7494 (closed)
Edited by Gary Holtz
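The kind of check the description asks for, as an added example that is not code from this merge request or from glab. `CheckUserOnlyRW` and `checkWithMode` are hypothetical names, the sample file is constructed in a temporary directory, and treating anything other than exactly 0600 as a failure is an assumption taken from the title.

```go
package main

import (
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
)

// requiredPerm: read and write for the owner only (assumed exact match).
const requiredPerm fs.FileMode = 0o600

// CheckUserOnlyRW (hypothetical) returns nil only when path is a regular
// file whose permission bits are exactly 0600.
func CheckUserOnlyRW(path string) error {
	info, err := os.Stat(path)
	if err != nil {
		return fmt.Errorf("stat %s: %w", path, err)
	}
	if !info.Mode().IsRegular() {
		return fmt.Errorf("%s is not a regular file", path)
	}
	if perm := info.Mode().Perm(); perm != requiredPerm {
		// perm &^ requiredPerm isolates the bits that should not be set.
		return fmt.Errorf("%s has permissions %04o, expected %04o (extra bits: %04o)",
			path, perm, requiredPerm, perm&^requiredPerm)
	}
	return nil
}

// checkWithMode writes a constructed config file, applies mode to it and
// returns the result of the check (or the setup error, if setup fails).
func checkWithMode(mode fs.FileMode) error {
	dir, err := os.MkdirTemp("", "permcheck")
	if err != nil {
		return err
	}
	defer os.RemoveAll(dir)
	p := filepath.Join(dir, "config")
	if err := os.WriteFile(p, []byte("Host example\n"), 0o600); err != nil {
		return err
	}
	if err := os.Chmod(p, mode); err != nil { // Chmod is not affected by umask
		return err
	}
	return CheckUserOnlyRW(p)
}

func main() {
	for _, m := range []fs.FileMode{0o755, 0o644, 0o600} {
		fmt.Printf("%04o -> %v\n", m, checkWithMode(m))
	}
}
```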