From 52e883c65cd06abcc6e4b8e4df3743214f68e7b7 Mon Sep 17 00:00:00 2001
From: CaptainB <bin@fit2cloud.com>
Date: Thu, 26 Sep 2024 15:20:12 +0800
Subject: [PATCH] =?UTF-8?q?build:=20sandbox=E6=9D=83=E9=99=90=E9=99=90?=
 =?UTF-8?q?=E5=88=B6=EF=BC=8C/opt/maxkb/app=20=E7=9B=AE=E5=BD=95=E4=B8=8B?=
 =?UTF-8?q?=E7=9A=84=E6=96=87=E4=BB=B6=E5=8F=AA=E8=83=BD=E8=AF=BB=E5=8F=96?=
 =?UTF-8?q?=E8=87=AA=E5=B7=B1=E7=9A=84=20/opt/maxkb/app/sandbox?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 installer/Dockerfile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/installer/Dockerfile b/installer/Dockerfile
index f3d6121d6..86b3a63ed 100644
--- a/installer/Dockerfile
+++ b/installer/Dockerfile
@@ -61,6 +61,8 @@ RUN chmod 755 /opt/maxkb/app/installer/run-maxkb.sh && \
     cp -f /opt/maxkb/app/installer/run-maxkb.sh /usr/bin/run-maxkb.sh && \
     cp -f /opt/maxkb/app/installer/init.sql /docker-entrypoint-initdb.d && \
     mkdir -p /opt/maxkb/app/sandbox/python-packages &&  \
+    find /opt/maxkb/app -mindepth 1 -not -name 'sandbox' -exec chmod 700 {} + && \
+    chmod 500 /opt/maxkb/app/sandbox  && \
     useradd --no-create-home --home /opt/maxkb/app/sandbox --shell /bin/bash sandbox &&  \
     chown sandbox:sandbox /opt/maxkb/app/sandbox