Currently, octoprint gives write access to all files in its data

directory to everybody. This was probably considered appropriate for the case of octoprint running on a single-user device, but given that Unix has groups support, it is not necessary, and can be very harmful.
2013-10-27 02:32:14 +02:00 · 2013-10-27 02:32:14 +02:00 · 37c949e83b
commit 37c949e83b
parent 9008a2fb7f
1 changed files with 1 additions and 1 deletions
--- a/src/octoprint/daemon.py
+++ b/src/octoprint/daemon.py
@ -28,7 +28,7 @@ class Daemon:
 		# decouple from parent environment
 		os.chdir('/') 
 		os.setsid() 
-		os.umask(0) 
+		os.umask(022)
 	
 		# do second fork
 		try: