Security: Database file created with world-writable permissions (0o666/0o777) #123
Problem
server/index.js creates the database directory with chmodSync(dbDir, 0o777) (world-writable) and the database file with chmodSync(dbPath, 0o666) (world-writable). This means any process on the host or in the container can read, modify, or delete the database.
While Docker runs as a non-root user (UID 1001), the 0o777/0o666 permissions undermine that security boundary — any other container or process that can access the Docker volume could tamper with the database.
Additionally, server/db.js has the same pattern (though it is dead code — see #120).
Fix
Remove the chmodSync calls entirely. Let the database inherit the default permissions from the Docker volume mount. The non-root user (UID 1001) will still be able to read/write the file.
If permissions issues arise, use the Docker volume driver or a chown in the entrypoint script instead.
Files
Severity
Medium — in a Docker environment with no other containers sharing the volume, risk is limited. But it is a bad practice and violates least-privilege principles.