Skip to content
Snippets Groups Projects
Commit a89d6ea1 authored by Klaus Reuter's avatar Klaus Reuter
Browse files

restrict permissions of the mount point

parent 90eef0a8
No related branches found
No related tags found
No related merge requests found
Pipeline #181637 passed
...@@ -273,7 +273,7 @@ def build(args): ...@@ -273,7 +273,7 @@ def build(args):
sys.exit(1) sys.exit(1)
else: else:
try: try:
os.makedirs(env_directory, exist_ok=True) os.makedirs(env_directory, exist_ok=True, mode=0o700)
create_base_environment(cfg) create_base_environment(cfg)
create_condainer_environment(cfg) create_condainer_environment(cfg)
clean_environment(cfg) clean_environment(cfg)
...@@ -295,7 +295,7 @@ def mount(args): ...@@ -295,7 +295,7 @@ def mount(args):
print("hint: condainer already mounted") print("hint: condainer already mounted")
else: else:
env_directory = get_env_directory(cfg) env_directory = get_env_directory(cfg)
os.makedirs(env_directory, exist_ok=True) os.makedirs(env_directory, exist_ok=True, mode=0o700)
squashfs_image = get_image_filename(cfg) squashfs_image = get_image_filename(cfg)
cmd = f"squashfuse {squashfs_image} {env_directory}".split() cmd = f"squashfuse {squashfs_image} {env_directory}".split()
proc = subprocess.Popen(cmd, shell=False) proc = subprocess.Popen(cmd, shell=False)
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment