Control Web Panel

WebPanel => Backup => Topic started by: ripieces on June 06, 2016, 08:34:17 AM

Title: backup access rights (all users can access)
Post by: ripieces on June 06, 2016, 08:34:17 AM
Hello.


I am not sure if this problem only affects me or if it's a general problem:

The backup folder and the files created in the backup folder are owned by root:root, however they are readable for all other users.

I did
chmod -R o-rx /backup
now to fix this myself.

I think if possible this should be changed in CWP, since if one user is compromised the user will be able to read all the files of the other users from the backup folder, which includes database settings / passwords and so on.
Title: Re: backup access rights (all users can access)
Post by: Netino on July 08, 2017, 06:06:16 PM
I second this change.
I right now test, and my server has this problem too.