Thank you Stefan for the quick reply. Indeed good catch, that seems to be from Java :-D
On Friday, November 26, 2021 at 6:34:52 PM UTC+1 Stefan wrote: > On Friday, November 26, 2021 at 5:37:06 PM UTC+1 Alexander Zimmermann > wrote: > >> >> --- >> Severity: Medium >> Vulnerability: Improper File and Folder Permissions >> Description: The test team observed that the files and folders of the >> thick client application have more permissions than required. Attackers >> can use these excessive files and folders permissions to perform malicious >> activities. These excessive permissions even lead to DLL hijacking attack. >> Screenshot attached >> > > svn/tsvn does not set permissions on those files. > the permissions are automatically inherited from the parent folder. So if > those files have more rights than you like, you've set up the folder > permissions wrong. > > also the name "hsperfdata" indicates that this is not svn/tsvn that > creates those. Guess what process most likely is the one who creates > those... > > > -- You received this message because you are subscribed to the Google Groups "TortoiseSVN" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/tortoisesvn/5dab4945-a6af-4757-aa8c-5e08267134d1n%40googlegroups.com.
