Our security scan tool captured this security vulnerability. The permission should ideally be -rw-r–r–.
Is there a way to mitigate this permission issue?
Manually updating the permissions will not help as it will come again on container recreation.
You will probably see that the folder is not executable by other users, which means even if a nonroot user could write the address, they could not have access to the parent folder so they would not be able to writre the address. You can try it without root privileges and it will show a permission denied error. You couldn’t even read the file without root user.
You had another topic about IP forwarding where I had the same feeling that you either use a security scanner with default config or a scanner which is not able to recognize more complex cases and detects something that could be a security issue, but not necessarily is one, so you need to analyze the sitution and ignore the report if it is not a real issue.
What is the scanner software? Can you share the name of it?