From 80bae735e7165f972d51f77b03d15a692711627e Mon Sep 17 00:00:00 2001
From: Willem Jiang
Date: Thu, 21 May 2026 19:27:33 +0800
Subject: [PATCH] Potential fix for pull request finding

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
---
backend/app/gateway/routers/uploads.py | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/backend/app/gateway/routers/uploads.py b/backend/app/gateway/routers/uploads.py
index 6834ea2f2..bbf9abc7e 100644
--- a/backend/app/gateway/routers/uploads.py
+++ b/backend/app/gateway/routers/uploads.py
@@ -79,16 +79,16 @@ def _make_file_sandbox_readable(file_path: os.PathLike[str] | str) -> None:
 For Docker sandboxes (AIO), the gateway writes files as root with 0o600 permissions, then bind-mounts the host directory into the container. The
- sandbox process inside the container runs as a non-root user and cannot
- read those files without group/other read bits. This function adds
- ``S_IRGRP | S_IROTH`` so the sandbox can read the uploaded content.
+ sandbox process inside the container runs as a non-root user and may be
+ unable to read those files without broader read access. To avoid making
+ uploads world-readable on the host, only the group read bit is added here.
 """
 file_stat = os.lstat(file_path)
 if stat.S_ISLNK(file_stat.st_mode):
 logger.warning("Skipping sandbox chmod for symlinked upload path: %s", file_path)
 return
- readable_mode = stat.S_IMODE(file_stat.st_mode) | stat.S_IRGRP | stat.S_IROTH
+ readable_mode = stat.S_IMODE(file_stat.st_mode) | stat.S_IRGRP
 chmod_kwargs = {"follow_symlinks": False} if os.chmod in os.supports_follow_symlinks else {}
 os.chmod(file_path, readable_mode, **chmod_kwargs)
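Review bot: With `S_IROTH` dropped, the new `readable_mode` line only helps the sandbox if its non-root user shares the uploaded file's group, and nothing visible in this hunk sets that group or checks the container user's GID. The docstring says the gateway writes files as root, so the file's group is presumably root's primary group; if the container user is not a member, uploads would become unreadable inside the sandbox without any error from this function. Consider assigning a dedicated group before the chmod, for example `os.chown(file_path, -1, SANDBOX_GID)` (placeholder name, not on the page), and naming the assumed group in the docstring in place of "broader read access". The function starts above this hunk, so any group handling earlier in the file is not visible here.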