Security fix: Incorrect permission assignment for critical resource

2023-07-14 16:49:57 +02:00 · 2023-07-14 16:49:57 +02:00 · f097c029f3
commit f097c029f3
parent 499e251796
10 changed files with 17 additions and 17 deletions
--- a/receiver/save.go
+++ b/receiver/save.go
@ -35,7 +35,7 @@ func saveTeamFile(p string, w http.ResponseWriter, r *http.Request) bool {
 func saveFile(p string, r *http.Request) error {
 	dirname := path.Dir(p)
 	if _, err := os.Stat(dirname); os.IsNotExist(err) {
-		if err = os.MkdirAll(dirname, 0755); err != nil {
+		if err = os.MkdirAll(dirname, 0751); err != nil {
 			return err
 		}
 	}