-
Notifications
You must be signed in to change notification settings - Fork 1
π‘οΈ Sentinel: Fix insecure backup permissions #42
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. Weβll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| ## 2026-02-26 - Insecure Backup Permissions | ||
|
Check failure on line 1 in .jules/sentinel.md
|
||
| **Vulnerability:** The backup script `tools/backup-projects.sh` created project archives and log files with default umask permissions (often 644/755), making them readable by other users on the system. | ||
|
Check failure on line 2 in .jules/sentinel.md
|
||
| **Learning:** Shell scripts creating sensitive archives often default to system umask, which is usually designed for collaboration, not secrecy. | ||
|
Check failure on line 3 in .jules/sentinel.md
|
||
| **Prevention:** Explicitly set `umask 077` in a subshell before running archival commands like `zip` or `tar`, and use `chmod 700` on sensitive directories immediately after creation. | ||
|
Check failure on line 4 in .jules/sentinel.md
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fix markdown linting errors flagged by CI.
The documentation content is accurate, but static analysis reports formatting issues:
#) with a blank line belowπ§ Proposed fix
π Committable suggestion
π§° Tools
πͺ GitHub Check: Lint Documentation
[failure] 4-4: Line length
.jules/sentinel.md:4:81 MD013/line-length Line length [Expected: 80; Actual: 183] https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md013.md
[failure] 3-3: Line length
.jules/sentinel.md:3:81 MD013/line-length Line length [Expected: 80; Actual: 144] https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md013.md
[failure] 2-2: Line length
.jules/sentinel.md:2:81 MD013/line-length Line length [Expected: 80; Actual: 201] https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md013.md
[failure] 1-1: First line in a file should be a top-level heading
.jules/sentinel.md:1 MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading [Context: "## 2026-02-26 - Insecure Backu..."] https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md041.md
[failure] 1-1: Headings should be surrounded by blank lines
.jules/sentinel.md:1 MD022/blanks-around-headings Headings should be surrounded by blank lines [Expected: 1; Actual: 0; Below] [Context: "## 2026-02-26 - Insecure Backup Permissions"] https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md022.md
π€ Prompt for AI Agents