community/syncthing: don't allow reading by default (!52262) · Merge requests · alpine / aports

Sertonix requested to merge sertonix/aports:syncthing-read-permissions into master Sep 25, 2023

Currently the syncthing home dir can be read by anyone. This directory contains the syncthing config which contains hashed passwords and other sensitive information. Also the content which is synced may include sensitive information. It would be better to explicitly permit reading if needed. (principle of least knowledge)

Edited Sep 25, 2023 by Sertonix

community/syncthing: don't allow reading by default

Merge request reports