Skip to content
This repository has been archived by the owner on Jun 11, 2024. It is now read-only.

Sensitive data stored in world-readable files #8448

Closed
Tracked by #7226
shuse2 opened this issue May 15, 2023 · 0 comments · Fixed by #8482
Closed
Tracked by #7226

Sensitive data stored in world-readable files #8448

shuse2 opened this issue May 15, 2023 · 0 comments · Fixed by #8482
Assignees
@mosmartin
Labels
type: bug
Milestone
Sprint 96

Comments

@shuse2
Copy link
Collaborator

shuse2 commented May 15, 2023

Expected behavior

When a file is stored with fs.write or fs.writeJSON, it should only be accessible to the creator of the file.

Actual behavior

When a file is stored with fs.write or fs.writeJSON, it is accessible from other users on the machine.

Steps to reproduce

try passphrase:create to create new passphrase on a file and check from other users

Which version(s) does this affect? (Environment, OS, etc...)

6.0.0-beta.0-
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@mosmartin mosmartin

Labels
type: bug
Projects
None yet
Milestone
Sprint 96
Development

Successfully merging a pull request may close this issue.

Set the file permissions to only allow the owner to read and write. LiskArchive/lisk-sdk
3 participants
@shuse2 @mosmartin @Madhulearn