Home > mailing lists

Potential Security Issue: Permissions in PgAdmin Installation Directory - Mailing list pgadmin-hackers

From	Qasim Tahir
Subject	Potential Security Issue: Permissions in PgAdmin Installation Directory
Date	May 31 09:17:27
Msg-id	CAG=GPUPva4=hFdQNGwke2auE6sL0kVW6hb2bSxbWE4xdtWe93A@mail.gmail.com Whole thread Raw
Responses	Re: Potential Security Issue: Permissions in PgAdmin Installation Directory (Dave Page <dpage@pgadmin.org>)
List	pgadmin-hackers

Tree view

Dear PgAdmin Community,

I am writing to report a potential security issue with the permissions set in the PgAdmin installation directory.

After installing PgAdmin, I observed that several directories, including 'bin', 'venv', and 'web', have 775 permissions. Here are the details of the directory permissions:

Given the broad access provided by 775 permissions, there is a concern about the potential for unauthorized access or modifications.

I would like to ask if these permissions are necessary for PgAdmin's operation or if they could be tightened to enhance security.

Your guidance on this matter would be greatly appreciated.

Thank you for your attention to this issue.

Best Regards,

Qasim Tahir

AGEDB

Attachment

image.png

pgadmin-hackers by date:

From: Usman Khan
Date: 30 May, 22:07:15
Subject: Re: Pgadmin 4 cannot add or modify line in a view

From: Usman Khan
Date: 31 May, 09:24:44
Subject: Messages held for moderation

Potential Security Issue: Permissions in PgAdmin Installation Directory - Mailing list pgadmin-hackers

Attachment

Previous

Next