You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@ofbiz.apache.org by "Daniel Watford (Jira)" <ji...@apache.org> on 2023/03/31 15:28:00 UTC
[jira] [Created] (OFBIZ-12788) Sonarcloud security hotspot in Dockerfile
Daniel Watford created OFBIZ-12788:
--------------------------------------
Summary: Sonarcloud security hotspot in Dockerfile
Key: OFBIZ-12788
URL: https://issues.apache.org/jira/browse/OFBIZ-12788
Project: OFBiz
Issue Type: Improvement
Affects Versions: Upcoming Branch
Reporter: Daniel Watford
Assignee: Daniel Watford
Fix For: Upcoming Branch
Sonarcloud has highlighted a security hotspot that needs to be addressed in the Dockerfile:
[https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework&file=Dockerfile&fileUuid=AYcD2nc8S2HJZtLSxvMT&sinceLeakPeriod=true]
The hotspot relates to write permissions set on the docker-entrypoint script.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)