Hi, I've recently set up a DokuWiki instance based mostly on mprasil's Docker image and found that after installation, config files had 644 permissions, meaning that any user logged into the system would be able to read them. This was worrying given that certain secrets can be stored there, for instance MySQL server user/password in
/dokuwiki/conf/mysql.conf or an email password stored via the SMTP plugin in
/dokuwiki/conf/local.php. This issue also seems to be present for other created files, such as 2FA files created via the attribute plugin. (ala twofactor and its configured provider)
Since finding this I've set the permissions of all files in
/dokuwiki/conf/ to 600 (with
www-data as the owner and group) and have not seen any issues, unless you count needing to use
sudo to read them as an issue. Is there a reason this is not the default setting? As best I can tell, PHP defaults to writing files with these permissions, but also provides a
chmod() function to change their permissions, which isn't used for these files.
I know the configuration manager offers setting
dmode to manage this more closely, but the defaults on my machine (0644 and 0755 respectively) are fine for most files, just not files storing secrets and tokens needing to be secured. I searched the project's issue tracker and didn't come up with anything mentioning this so I figured this would be a good place to open a discussion on this.