You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@ofbiz.apache.org by "Daniel Watford (Jira)" <ji...@apache.org> on 2023/03/31 15:28:00 UTC

[jira] [Created] (OFBIZ-12788) Sonarcloud security hotspot in Dockerfile

Daniel Watford created OFBIZ-12788:
--------------------------------------

             Summary: Sonarcloud security hotspot in Dockerfile 
                 Key: OFBIZ-12788
                 URL: https://issues.apache.org/jira/browse/OFBIZ-12788
             Project: OFBiz
          Issue Type: Improvement
    Affects Versions: Upcoming Branch
            Reporter: Daniel Watford
            Assignee: Daniel Watford
             Fix For: Upcoming Branch


Sonarcloud has highlighted a security hotspot that needs to be addressed in the Dockerfile:

[https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework&file=Dockerfile&fileUuid=AYcD2nc8S2HJZtLSxvMT&sinceLeakPeriod=true]

 

The hotspot relates to write permissions set on the docker-entrypoint script.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)