From 16ca8f25c45f1c5f6f2241c2f47c15356f4e8f2c Mon Sep 17 00:00:00 2001 From: Jakob Ackermann Date: Wed, 29 Jan 2020 12:14:32 +0100 Subject: [PATCH] [misc] narrow down the rw accessible directories for the run user (#119) --- server-ce/Dockerfile | 7 +------ server-ce/init_scripts/00_make_sharelatex_data_dirs.sh | 2 -- 2 files changed, 1 insertion(+), 8 deletions(-) diff --git a/server-ce/Dockerfile b/server-ce/Dockerfile index 48c14a26ff..f00b6da4d1 100644 --- a/server-ce/Dockerfile +++ b/server-ce/Dockerfile @@ -26,7 +26,7 @@ ADD ${baseDir}/git-revision.sh /var/www/git-revision.sh RUN cd /var/www && npm install -# Replace overleaf/config/services.js with the list of available +# Replace overleaf/config/services.js with the list of available # services in Overleaf Community Edition # -------------------------------------------------------------- ADD ${baseDir}/services.js /var/www/sharelatex/config/services.js @@ -49,11 +49,6 @@ RUN bash -c 'cd /var/www/sharelatex && source ./bin/compile-services' RUN ln -s /var/www/sharelatex/clsi/bin/synctex /opt/synctex -# Change application ownership to www-data -# ---------------------------------------- -RUN chown -R www-data:www-data /var/www/sharelatex; - - # Copy runit service startup scripts to its location # -------------------------------------------------- ADD ${baseDir}/runit /etc/service diff --git a/server-ce/init_scripts/00_make_sharelatex_data_dirs.sh b/server-ce/init_scripts/00_make_sharelatex_data_dirs.sh index 7857b984fb..6085a087da 100755 --- a/server-ce/init_scripts/00_make_sharelatex_data_dirs.sh +++ b/server-ce/init_scripts/00_make_sharelatex_data_dirs.sh @@ -26,8 +26,6 @@ chown www-data:www-data /var/lib/sharelatex/tmp/uploads mkdir -p /var/lib/sharelatex/tmp/dumpFolder chown www-data:www-data /var/lib/sharelatex/tmp/dumpFolder -chown www-data:www-data /var/www/ - if [ ! -e "/var/lib/sharelatex/data/db.sqlite" ]; then touch /var/lib/sharelatex/data/db.sqlite fi