diff options
author | Alyssa Ross <hi@alyssa.is> | 2023-08-23 10:09:14 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2023-08-26 09:07:03 +0000 |
commit | 63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f (patch) | |
tree | d58934cb48f9c953b19a0d0d5cffc0d0c5561471 /nixpkgs/pkgs/servers/pleroma/Revert-Config-Restrict-permissions-of-OTP-config.patch | |
parent | c4eef3dacb2a3d359561f30917d9e3cc4e041be9 (diff) | |
parent | 91a22f76cd1716f9d0149e8a5c68424bb691de15 (diff) | |
download | nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.gz nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.bz2 nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.lz nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.xz nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.tar.zst nixlib-63dabcc77ef9a56655e1ca2ab2e25e6163a72c1f.zip |
Merge branch 'nixos-unstable' of https://github.com/NixOS/nixpkgs
Conflicts: nixpkgs/pkgs/build-support/go/module.nix nixpkgs/pkgs/development/python-modules/django-mailman3/default.nix
Diffstat (limited to 'nixpkgs/pkgs/servers/pleroma/Revert-Config-Restrict-permissions-of-OTP-config.patch')
-rw-r--r-- | nixpkgs/pkgs/servers/pleroma/Revert-Config-Restrict-permissions-of-OTP-config.patch | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/servers/pleroma/Revert-Config-Restrict-permissions-of-OTP-config.patch b/nixpkgs/pkgs/servers/pleroma/Revert-Config-Restrict-permissions-of-OTP-config.patch new file mode 100644 index 000000000000..48aa60d4f0d1 --- /dev/null +++ b/nixpkgs/pkgs/servers/pleroma/Revert-Config-Restrict-permissions-of-OTP-config.patch @@ -0,0 +1,40 @@ +From 29af78b112f7956ac1211fbfec2eadbf4caca40f Mon Sep 17 00:00:00 2001 +From: Yaya <yaya@uwu.is> +Date: Sun, 6 Aug 2023 00:02:40 +0000 +Subject: [PATCH] Revert "Config: Restrict permissions of OTP config file" + +This reverts commit 4befb3b1d02f32eb2c56f12e4684a7bb3167b0ee. + +The Nix store is world readable by design. +--- + lib/pleroma/config/release_runtime_provider.ex | 14 -------------- + 1 file changed, 14 deletions(-) + +diff --git a/lib/pleroma/config/release_runtime_provider.ex b/lib/pleroma/config/release_runtime_provider.ex +index 9ec0f975e..91e5f1a54 100644 +--- a/lib/pleroma/config/release_runtime_provider.ex ++++ b/lib/pleroma/config/release_runtime_provider.ex +@@ -20,20 +20,6 @@ def load(config, opts) do + + with_runtime_config = + if File.exists?(config_path) do +- # <https://git.pleroma.social/pleroma/pleroma/-/issues/3135> +- %File.Stat{mode: mode} = File.lstat!(config_path) +- +- if Bitwise.band(mode, 0o007) > 0 do +- raise "Configuration at #{config_path} has world-permissions, execute the following: chmod o= #{config_path}" +- end +- +- if Bitwise.band(mode, 0o020) > 0 do +- raise "Configuration at #{config_path} has group-wise write permissions, execute the following: chmod g-w #{config_path}" +- end +- +- # Note: Elixir doesn't provides a getuid(2) +- # so cannot forbid group-read only when config is owned by us +- + runtime_config = Config.Reader.read!(config_path) + + with_defaults +-- +2.40.1 + |