Recommended permissions / ownership for config files

  • What are the recommended permissions / ownership for configuration files in /etc/kopano/ ?

  • Kopano

    Hi @ilmix,

    the only thing that is really relevant to our services is that files in that folder cannot be read. In case of secrets (like files containing passwords or certificate files) it is always the easiest to make these belong to the kopano user and deny reading to other users.

  • No, you want them to be root:kopano and mode rw-r----- (u=rw,g=r) so that they can be read, but not accidentally written if there is a program bug or exploit.