blob storage makes anything user-readable only
Bug #683752 reported by
Bastian Blank
This bug report is a duplicate of:
Bug #683751: blob storage makes anything user-readable only.
Edit
Remove
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ZODB |
New
|
Undecided
|
Unassigned |
Bug Description
The blob storage makes sure that anything it touches is 0700 for the directories and 0400 and even warns if it is not. Usually it is up to the admin to decide, which permissions are appropriate and a random tool should not judge him. Also the permissions of the traditional FileStorage that handles the more problematic data is not at all curious about any permission.
It is enough to set the permissions of the top directory to restrict access to the whole blob storage. Therefor please only do the initial setup with 0700 and create any new directory with the umask and use 0444 for all the files. The attached patch against 3.9.6 or so implements it this way.
To post a comment you must log in.