[
https://issues.apache.org/jira/browse/CAMEL-23268?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Claus Ibsen updated CAMEL-23268:
--------------------------------
Component/s: camel-jbang
> [camel-jbang] Wrapper command potential security permission issue
> -----------------------------------------------------------------
>
> Key: CAMEL-23268
> URL: https://issues.apache.org/jira/browse/CAMEL-23268
> Project: Camel
> Issue Type: Bug
> Components: camel-jbang
> Reporter: Pasquale Congiusti
> Priority: Major
>
> The work done in https://github.com/apache/camel/pull/21978 may have
> introduced a potential security permission problem [1]. This is setting a
> `PosixFilePermission.OTHERS_EXECUTE` which is likely a too broad permission
> allowing `OTHERS` execution permission which probably they don't need.
> Please, review it and fix. If by any change this is the correct expected
> privilege, add a comment note to exclude from sonar static code analysis.
> [1]
> https://sonarcloud.io/project/issues?impactSoftwareQualities=SECURITY&issueStatuses=OPEN%2CCONFIRMED&id=apache_camel&open=AZ0GN9CjMLjZL-UnzDjl
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
