Fix overly permissive file permissions (os.ModePerm) (#4207)
Several file operations used os.ModePerm (0777) which makes files world-writable and world-readable, violating the principle of least privilege: - database/db.go: InitDB directory creation → 0755 - xray/process.go: Xray config write → 0644 - xray/process.go: Crash report write → 0644 - web/service/server.go: Binary extraction → 0755 Also removes unused "io/fs" imports from the affected files.
This commit is contained in:
Qiaochu Hu
+1
-2
@@ -6,7 +6,6 @@ import (
|
||||
"bytes"
|
||||
"errors"
|
||||
"io"
|
||||
"io/fs"
|
||||
"log"
|
||||
"os"
|
||||
"path"
|
||||
@@ -133,7 +132,7 @@ func isTableEmpty(tableName string) (bool, error) {
|
||||
// InitDB sets up the database connection, migrates models, and runs seeders.
|
||||
func InitDB(dbPath string) error {
|
||||
dir := path.Dir(dbPath)
|
||||
err := os.MkdirAll(dir, fs.ModePerm)
|
||||
err := os.MkdirAll(dir, 0755)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user