aither/simple-nixos-mailserver
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Use umask for race-free permission setting

Browse Source 
Without using umask there's a small time window where paths are world
readable. That is a bad idea to do for secret files (e.g. the dovecot
code path).
This commit is contained in:
Bjørn Forsman
2023-06-28 10:22:07 +02:00
parent 69a4b7ad67
commit a3b03d1b5a
3 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
mail-server/dovecot.nix
View File

@@ -104,6 +104,9 @@ let
chmod 755 "${passwdDir}"
fi
# Prevent world-readable password files, even temporarily.
umask 077
for f in ${builtins.toString (lib.mapAttrsToList (name: value: passwordFiles."${name}") cfg.loginAccounts)}; do
if [ ! -f "$f" ]; then
echo "Expected password hash file $f does not exist!"
@@ -125,9 +128,6 @@ let
else "")
) cfg.loginAccounts)}
EOF
chmod 600 ${passwdFile}
chmod 600 ${userdbFile}
'';
junkMailboxes = builtins.attrNames (lib.filterAttrs (n: v: v ? "specialUse" && v.specialUse == "Junk") cfg.mailboxes);