15308555518/ MaxKB
1
0
Fork 0
mirror of https://github.com/1Panel-dev/MaxKB.git synced 2025-12-25 17:22:55 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

build: Sensitive directory permissions (#3120)

This commit is contained in:
shaohuzhang1 2025-05-21 11:45:38 +08:00 committed by GitHub
parent adc5af9cef
commit 71fdce08d7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
installer/Dockerfile
View File

@ -66,9 +66,10 @@ RUN chmod 755 /opt/maxkb/app/installer/run-maxkb.sh && \
curl -L --connect-timeout 120 -m 1800 https://resource.fit2cloud.com/maxkb/ffmpeg/get-ffmpeg-linux | sh && \
mkdir -p /opt/maxkb/app/sandbox/python-packages && \
find /opt/maxkb/app -mindepth 1 -not -name 'sandbox' -exec chmod 700 {} + && \
chmod 755 /tmp && \
useradd --no-create-home --home /opt/maxkb/app/sandbox sandbox -g root && \
chown -R sandbox:root /opt/maxkb/app/sandbox && \
chmod 755 /tmp && chmod 750 /etc &&\
groupadd sandbox &&\
useradd --no-create-home --home /opt/maxkb/app/sandbox sandbox -g sandbox && \
chown -R sandbox:sandbox /opt/maxkb/app/sandbox && \
chmod g-x /usr/local/bin/* /usr/bin/* /bin/* /usr/sbin/* /sbin/* /usr/lib/postgresql/15/bin/* && \
chmod g+x /usr/local/bin/python*