From 7f96f52076bbe4c7dd9a63ab3fc29a8889461fa7 Mon Sep 17 00:00:00 2001
From: lapineige <lapineige@users.noreply.github.com>
Date: Sat, 24 Jun 2017 16:30:58 +0200
Subject: [PATCH] Fix parameters.yml reading rights

Previously this sensitive file (database credentials, ...) was readable by anyone (rights value was 644)
---
 scripts/install | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/scripts/install b/scripts/install
index 8947b94..6e77d4b 100644
--- a/scripts/install
+++ b/scripts/install
@@ -91,6 +91,8 @@ ynh_replace_string "{DBNAME}" "${db_name}" "$wb_conf"
 ynh_replace_string "{DBUSER}" "${db_user}" "$wb_conf"
 ynh_replace_string "{DBPASS}" "${db_pwd}" "$wb_conf"
 ynh_replace_string "{DESKEY}" "${deskey}" "$wb_conf"
+# Restrict rights to Wallabag user only
+chmod 600 ../conf/parameters.yml
 
 # Install files and set permissions
 sudo mv "$TMPDIR" "$final_path"