Spaces:
Running
Running
SecurityBot commited on
Commit Β·
5c7757f
1
Parent(s): 644054d
fix: lock down config and credentials permissions (600/700)
Browse files
start.sh
CHANGED
|
@@ -91,6 +91,7 @@ mkdir -p /home/node/.openclaw/agents/main/sessions
|
|
| 91 |
mkdir -p /home/node/.openclaw/credentials
|
| 92 |
mkdir -p /home/node/.openclaw/workspace
|
| 93 |
chmod 700 /home/node/.openclaw
|
|
|
|
| 94 |
|
| 95 |
# ββ Validate HF token (if provided) ββ
|
| 96 |
if [ -n "$HF_TOKEN" ]; then
|
|
@@ -235,6 +236,7 @@ fi
|
|
| 235 |
|
| 236 |
# Write config
|
| 237 |
echo "$CONFIG_JSON" > "/home/node/.openclaw/openclaw.json"
|
|
|
|
| 238 |
|
| 239 |
# ββ Startup Summary ββ
|
| 240 |
echo ""
|
|
|
|
| 91 |
mkdir -p /home/node/.openclaw/credentials
|
| 92 |
mkdir -p /home/node/.openclaw/workspace
|
| 93 |
chmod 700 /home/node/.openclaw
|
| 94 |
+
chmod 700 /home/node/.openclaw/credentials
|
| 95 |
|
| 96 |
# ββ Validate HF token (if provided) ββ
|
| 97 |
if [ -n "$HF_TOKEN" ]; then
|
|
|
|
| 236 |
|
| 237 |
# Write config
|
| 238 |
echo "$CONFIG_JSON" > "/home/node/.openclaw/openclaw.json"
|
| 239 |
+
chmod 600 /home/node/.openclaw/openclaw.json
|
| 240 |
|
| 241 |
# ββ Startup Summary ββ
|
| 242 |
echo ""
|