In todays episode of "fun with ":

While modifying an image because ssh login is not working I found out that sshd_config and some other files are chmod 666.

It is worth mentioning that gitlab-ci checkouts are chmod 666 and developers will forget about that!

It is also worth mentioning that I reported the gitlab-runner script doing that as a security risk 2 years ago!

πŸ™ˆ πŸ™Š πŸ™‰

Β· Β· Web Β· 1 Β· 0 Β· 1

I will probably add a file permission scanner into podman-tools which shuts down, or changes any chmod 666 and 777 permissions within a container before running them. I mean, how hard can it be? πŸ€”

Sign in to participate in the conversation

This is the social network for's community.