Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] About certificate private key files with 644 permissions #1950

Open
hcwnbs opened this issue Mar 7, 2025 · 1 comment
Open

[BUG] About certificate private key files with 644 permissions #1950

hcwnbs opened this issue Mar 7, 2025 · 1 comment
Assignees
@FillZpp
Labels
kind/bug Something isn't working

Comments

@hcwnbs
Copy link

hcwnbs commented Mar 7, 2025
edited
Loading

While using the OpenKruise 1.5.4 image, I discovered numerous certificate private key files with 644 permissions within the image. I am eager to understand the specific purpose and significance of these private key files. Additionally, I noticed that the protection.log file also has 644 permissions, and I would like to inquire whether adjusting its permissions to 640 could further enhance system security.May I ask if there is any plan to address these issues?

Image
@hcwnbs hcwnbs added the kind/bug Something isn't working label Mar 7, 2025
@furykerry
Copy link
Member

these files belongs to the alpine base image, it is not enough to enhance the system security by just changing the permission of these files. In stead, openkruise can switch to use distroless base image. You're welcome to submit patch to change the base image.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@FillZpp FillZpp

Labels
kind/bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@furykerry @FillZpp @hcwnbs