public inbox for [email protected]
help / color / mirror / Atom feedFrom: Qasim Tahir <[email protected]>
To: [email protected]
Subject: Potential Security Issue: Permissions in PgAdmin Installation Directory
Date: Fri, 31 May 2024 11:17:27 +0500
Message-ID: <CAG=GPUPva4=hFdQNGwke2auE6sL0kVW6hb2bSxbWE4xdtWe93A@mail.gmail.com> (raw)
Dear PgAdmin Community,
I am writing to report a potential security issue with the permissions set
in the PgAdmin installation directory.
After installing PgAdmin, I observed that several directories, including
'bin', 'venv', and 'web', have 775 permissions. Here are the details of the
directory permissions:
[image: image.png]
Given the broad access provided by 775 permissions, there is a concern
about the potential for unauthorized access or modifications.
I would like to ask if these permissions are necessary for PgAdmin's
operation or if they could be tightened to enhance security.
Your guidance on this matter would be greatly appreciated.
Thank you for your attention to this issue.
Best Regards,
Qasim Tahir
AGEDB
Attachments:
[image/png] image.png (23.8K, 3-image.png)
download | view image
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected]
Subject: Re: Potential Security Issue: Permissions in PgAdmin Installation Directory
In-Reply-To: <CAG=GPUPva4=hFdQNGwke2auE6sL0kVW6hb2bSxbWE4xdtWe93A@mail.gmail.com>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox