Details
-
Suggestion
-
Resolution: Fixed
-
None
Description
The supported platforms page states that:
If you are using Linux/UNIX: A dedicated user should be created to run Stash, as Stash runs as the user it is invoked under and therefore can potentially be abused.
Here is an example of how to create a dedicated user to run Stash in Linux:
$ sudo /usr/sbin/useradd --create-home --home-dir /usr/local/Stash --shell /bin/bash Stash
This should be part of the normal installation process and integrated into:
https://confluence.atlassian.com/display/STASH/Installing+Stash+on+Linux+and+Mac
Also a good idea to change the default umask to 077 for the user so that file isn't being read by every one