Skip to content

Commit

Permalink
Make sure that security context files are readable by all (#1729)
Browse files Browse the repository at this point in the history
Update internal/guest/runtime/hcsv2/uvm.go

Make sure that security-context directory has `0755` permissions.

Signed-off-by: Julien Maffre <jumaffre@microsoft.com>
  • Loading branch information
jumaffre authored Apr 14, 2023
1 parent b2acb03 commit b6806f3
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions internal/guest/runtime/hcsv2/uvm.go
Original file line number Diff line number Diff line change
Expand Up @@ -454,8 +454,8 @@ func (h *Host) CreateContainer(ctx context.Context, id string, settings *prot.VM
if err != nil {
return nil, fmt.Errorf("failed to create security context directory: %w", err)
}
// Make sure it's readable
if err := os.Chmod(securityContextDir, 0744); err != nil {
// Make sure that files inside directory are readable
if err := os.Chmod(securityContextDir, 0755); err != nil {
return nil, fmt.Errorf("failed to chmod security context directory: %w", err)
}

Expand Down

0 comments on commit b6806f3

Please sign in to comment.