I noticed that each time I restart Confluence 5.9.12, permissions on confluence.cfg.xml are reset:
$ ls -l /var/atlassian/application-data/confluence/confluence.cfg.xml
-rw------- 1 confluence confluence 2227 May 9 11:20 /var/atlassian/application-data/confluence/confluence.cfg.xml
$ bin/start-confluence.sh
To run Confluence in the foreground, start the server with start-confluence.sh -fg
executing as current user
If you encounter issues starting up Confluence, please see the Installation guide at http://confluence.atlassian.com/display/DOC/Confluence+Installation+Guide
Server startup logs are located in /opt/atlassian/confluence/logs/catalina.out
Using CATALINA_BASE: /opt/atlassian/confluence
Using CATALINA_HOME: /opt/atlassian/confluence
Using CATALINA_TMPDIR: /opt/atlassian/confluence/temp
Using JRE_HOME: /opt/atlassian/confluence/jre/
Using CLASSPATH: /opt/atlassian/confluence/bin/bootstrap.jar:/opt/atlassian/confluence/bin/tomcat-juli.jar
Using CATALINA_PID: /opt/atlassian/confluence/work/catalina.pid
Tomcat started.
$ ls -l /var/atlassian/application-data/confluence/confluence.cfg.xml
-rw-rw-r-- 1 confluence confluence 2227 May 9 13:08 /var/atlassian/application-data/confluence/confluence.cfg.xml
Notice that the permission was reset from 600 to 664 above.
This introduces security risks since the file is readable by everyone and it might (and normally does) contain db credentials.
Is there a way to ask Confluence not to reset the premissions?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.