pkgs/servers/pleroma/Revert-Config-Restrict-permissions-of-OTP-config.patch

   1 From 29af78b112f7956ac1211fbfec2eadbf4caca40f Mon Sep 17 00:00:00 2001
   2 From: Yaya <yaya@uwu.is>
   3 Date: Sun, 6 Aug 2023 00:02:40 +0000
   4 Subject: [PATCH] Revert "Config: Restrict permissions of OTP config file"
   5
   6 This reverts commit 4befb3b1d02f32eb2c56f12e4684a7bb3167b0ee
   7 and 3b82864bccee1af625dd19faed511d5b76f66f9d.
   8
   9 The Nix store is world readable by design.
  10 ---
  11  lib/pleroma/config/release_runtime_provider.ex | 14 --------------
  12  1 file changed, 14 deletions(-)
  13
  14 diff --git a/lib/pleroma/config/release_runtime_provider.ex b/lib/pleroma/config/release_runtime_provider.ex
  15 index 9ec0f975e..91e5f1a54 100644
  16 --- a/lib/pleroma/config/release_runtime_provider.ex
  17 +++ b/lib/pleroma/config/release_runtime_provider.ex
  18 @@ -20,20 +20,6 @@ def load(config, opts) do
  19
  20      with_runtime_config =
  21        if File.exists?(config_path) do
  22 -        # <https://git.pleroma.social/pleroma/pleroma/-/issues/3135>
  23 -        %File.Stat{mode: mode} = File.stat!(config_path)
  24 -
  25 -        if Bitwise.band(mode, 0o007) > 0 do
  26 -          raise "Configuration at #{config_path} has world-permissions, execute the following: chmod o= #{config_path}"
  27 -        end
  28 -
  29 -        if Bitwise.band(mode, 0o020) > 0 do
  30 -          raise "Configuration at #{config_path} has group-wise write permissions, execute the following: chmod g-w #{config_path}"
  31 -        end
  32 -
  33 -        # Note: Elixir doesn't provides a getuid(2)
  34 -        # so cannot forbid group-read only when config is owned by us
  35 -
  36          runtime_config = Config.Reader.read!(config_path)
  37
  38          with_defaults
  39 --
  40 2.40.1
  41