github-starred/vaultwarden
2
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-05-22 16:14:20 -05:00
Code Issues 307 Packages Projects Releases 83 Wiki Activity

[PR #4896] [MERGED] Allow custom umask setting #7164

New Issue
Closed
opened 2026-03-07 21:12:05 -06:00 by GiteaMirror · 0 comments
GiteaMirror commented 2026-03-07 21:12:05 -06:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/dani-garcia/vaultwarden/pull/4896
Author: @BlackDex
Created: 8/26/2024
Status: Merged
Merged: 8/27/2024
Merged by: @dani-garcia

Base: mainHead: allow-custom-umask

📝 Commits (1)

  • 6f7d7a6 Allow custom umask setting

📊 Changes

1 file changed (+4 additions, -0 deletions)

View changed files

📝 docker/start.sh (+4 -0)

📄 Description

To provide a way to add more security regarding file/folder permissions this PR adds a way to allow setting a custom UMASK variable.

This allows people to set a more secure default like only allowing the owner the the process/container to read/write files and folders.

Examples:

  • UMASK=022 File: 644 | Folder: 755 (Default of the containers)
    This means Owner read/write and group/world read-only

  • UMASK=027 File: 640 | Folder: 750
    This means Owner read/write, group read-only, world no access

  • UMASK=077 File: 600 | Folder: 700
    This means Owner read/write and group/world no access

resolves #4571

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/dani-garcia/vaultwarden/pull/4896 **Author:** [@BlackDex](https://github.com/BlackDex) **Created:** 8/26/2024 **Status:** ✅ Merged **Merged:** 8/27/2024 **Merged by:** [@dani-garcia](https://github.com/dani-garcia) **Base:** `main` ← **Head:** `allow-custom-umask` --- ### 📝 Commits (1) - [`6f7d7a6`](https://github.com/dani-garcia/vaultwarden/commit/6f7d7a6ff94a53fb5ceb2922552adbe94c178e6f) Allow custom umask setting ### 📊 Changes **1 file changed** (+4 additions, -0 deletions) <details> <summary>View changed files</summary> 📝 `docker/start.sh` (+4 -0) </details> ### 📄 Description To provide a way to add more security regarding file/folder permissions this PR adds a way to allow setting a custom `UMASK` variable. This allows people to set a more secure default like only allowing the owner the the process/container to read/write files and folders. Examples: - `UMASK=022` File: 644 | Folder: 755 (Default of the containers) This means Owner read/write and group/world read-only - `UMASK=027` File: 640 | Folder: 750 This means Owner read/write, group read-only, world no access - `UMASK=077` File: 600 | Folder: 700 This means Owner read/write and group/world no access resolves #4571 --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-03-07 21:12:05 -06:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
better for forum
bug
documentation
duplicate
enhancement
future Vault
good first issue
help wanted
low priority
notes
pull-request
Mirrored from GitHub Pull Request
 question
SSO
Third party
troubleshooting
wontfix
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/vaultwarden#7164
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?