builder image: use sane umask
What does this MR do?
Revert umask 0000
to umask 0002
Why was this MR needed?
Fix massive security issue, having umask=0 and checked out files world writable will make containers built by uninformed users pwnable.
- #1736 (comment 114089700)
- #1736 (comment 114109901)
- #1736 (comment 35314083)
- !440 (comment 21342043)
Are there points in the code the reviewer needs to double check?
Does this MR meet the acceptance criteria?
-
Documentation created/updated - Tests
-
Added for this feature/bug -
All builds are passing
-
-
Branch has no merge conflicts with master
(if you do - rebase it please)
What are the relevant issue numbers?
Closes: #1736 (closed)
Edited by 🤖 GitLab Bot 🤖