Fix chmod check and relax mail
This commit is contained in:
parent
583a5a92de
commit
e9a20c82ed
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "wms-core",
|
"name": "wms-core",
|
||||||
"version": "0.16.1",
|
"version": "0.16.3",
|
||||||
"description": "Node web framework",
|
"description": "Node web framework",
|
||||||
"repository": "git@gitlab.com:ArisuOngaku/wms-core.git",
|
"repository": "git@gitlab.com:ArisuOngaku/wms-core.git",
|
||||||
"author": "Alice Gaudon <alice@gaudon.pro>",
|
"author": "Alice Gaudon <alice@gaudon.pro>",
|
||||||
|
@ -186,9 +186,11 @@ export default abstract class Application {
|
|||||||
const fullPath = path.resolve(configDir, file);
|
const fullPath = path.resolve(configDir, file);
|
||||||
const stats = fs.lstatSync(fullPath);
|
const stats = fs.lstatSync(fullPath);
|
||||||
if (stats.uid !== process.getuid())
|
if (stats.uid !== process.getuid())
|
||||||
throw new SecurityError(fullPath + ' is not owned by this process (' + process.getuid() + ').');
|
throw new SecurityError(`${fullPath} is not owned by this process (${process.getuid()}).`);
|
||||||
if (stats.mode !== 400)
|
|
||||||
throw new SecurityError(fullPath + ' is not chmod 400.');
|
const mode = (stats.mode & parseInt('777', 8)).toString(8);
|
||||||
|
if (mode !== '400')
|
||||||
|
throw new SecurityError(`${fullPath} is ${mode}; should be 400.`);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check security fields
|
// Check security fields
|
||||||
|
@ -8,9 +8,9 @@ export default class MailComponent extends ApplicationComponent<void> {
|
|||||||
|
|
||||||
|
|
||||||
public async checkSecuritySettings(): Promise<void> {
|
public async checkSecuritySettings(): Promise<void> {
|
||||||
if (!config.get<boolean>('mail.secure')) {
|
// if (!config.get<boolean>('mail.secure')) {
|
||||||
throw new SecurityError('Cannot set mail.secure to false');
|
// throw new SecurityError('Cannot set mail.secure to false');
|
||||||
}
|
// }
|
||||||
if (config.get<boolean>('mail.allow_invalid_tls')) {
|
if (config.get<boolean>('mail.allow_invalid_tls')) {
|
||||||
throw new SecurityError('Cannot set mail.allow_invalid_tls to true');
|
throw new SecurityError('Cannot set mail.allow_invalid_tls to true');
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user