New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tidy up configuration files UNIX permissions #7983
base: master
Are you sure you want to change the base?
Conversation
Thanks, testing video please, so that we can confirm it can work as expected. |
Hey @rustdesk, I'm really sorry but I can't manage to find "video" tests. Do you have a pointer or documentation that I could read to add such a test case ? |
Like this, #7988 Showing your PR taking effect, and not break any function. |
So I eventually got what you mean by "testing video"... During building/testing, I've also encountered an issue related to Docker image and PAM, so I took the liberty to add the missing library to package dependencies list. Bye 馃憢 |
Unit test is not enough for such case. Integration test is required. |
There isn't any integration tests from what I see... I could make a screenshot of RD running and my terminal showing configuration files with
Thanks for your time, bye 馃檹 |
Let's give you an example. If a ipc file created with 600 permission, does it mean only the creator can access it? then the other process running as the other user can not connect to the IPC? You need to undertand test, testing is for fixing your "I think". |
Fully-agreeing here with your IPC example; Is
馃憤 that's why projects usually rely on testing workflows that maintainers trust, and not "videos" recorded on untrusted machines (?), with completely unknown codes/setups/configurations which result in non-reproducible scenarios. Thanks, see you 馃憢 |
Such a flow may be easy to set up for some project, but it is too hard for RustDesk, I hope you can understand. |
``` wrapper.h:1:10: fatal error: 'security/pam_appl.h' file not found ``` Signed-off-by: Samuel FORESTIER <[email protected]>
Signed-off-by: Samuel FORESTIER <[email protected]>
(rebased according to confy submodule "move" @rustdesk) |
Little up @rustdesk, thanks 馃檹 |
Hello 馃憢
This patch enforces
0600
UNIX permission on configuration files, for non-Windows hosts.As they usually contain remote machine credentials, their access should be restricted to their owner.
Thanks, bye 馃檹