[
https://issues.apache.org/jira/browse/GUACAMOLE-1460?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17446714#comment-17446714
]
Mike Jumper commented on GUACAMOLE-1460:
----------------------------------------
These permissions are intentional and explicitly set to protect uploaded data:
* For files uploaded via RDP (and thus stored on behalf of the user by the
Guacamole server), these files should strictly be readable only by the guacd
service. Being readable by other users would potentially open up private files
that are otherwise expected to be readable only by the user that uploaded them.
* For files uploaded more directly via SFTP (stored on whichever SSH server is
being used for the connection), unlike if uploading directly with a native SFTP
client, the local permissions assigned to the file are not known. Unless strict
permissions are set, uploading a file that must be private and which has strict
permissions set (such as a private key) would result in that file inadvertently
having those permissions opened up, creating a window during which other users
would be able to read that data.
> default permission of the file is not correct
> ----------------------------------------------
>
> Key: GUACAMOLE-1460
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1460
> Project: Guacamole
> Issue Type: Bug
> Reporter: hezhanwei
> Priority: Major
>
> Use Guacamole to upload the file, the file can be successfully uploaded, but
> the default permission of the file is not correct, normal is 644(-rw-r--r--
> ), guacamole after uploading the permission is 600(-rw------- ), please help..
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
