mirror of
https://github.com/vmware-tanzu/velero.git
synced 2026-01-06 13:26:26 +00:00
254a5eebb5
Velero client config file should have restricted file permissions to be read/write-able for the user that creates it--similiar to files like `.ssh/id_rsa` Refer to OTG-CONFIG-009: Test File Permission > Impoper file permission configuration may result in privilledge escalation, information explousure, DLL injection, or unauthorized file access. Therefore, files permission must be properly configured with minium access permission by default. [source](https://www.owasp.org/index.php/Test_File_Permission_(OTG-CONFIG-009)) Ticket: #1758 Signed-off-by: John Naulty <johnnaulty@bitgo.com>