From 1d7277da39fc76cba34ec78d6bddee7c94956831 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20K=C3=B6nig?= <github@yubiuser.dev>
Date: Tue, 25 Feb 2025 21:12:58 +0100
Subject: [PATCH] Permissions on versions file should be 640
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Christian König <github@yubiuser.dev>
---
 advanced/Scripts/updatecheck.sh           | 2 +-
 advanced/Templates/pihole-FTL-prestart.sh | 3 ---
 2 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/advanced/Scripts/updatecheck.sh b/advanced/Scripts/updatecheck.sh
index b325ee9c..00b6b05c 100755
--- a/advanced/Scripts/updatecheck.sh
+++ b/advanced/Scripts/updatecheck.sh
@@ -50,7 +50,7 @@ rm -f "/etc/pihole/localversions"
 # Create new versions file if it does not exist
 VERSION_FILE="/etc/pihole/versions"
 touch "${VERSION_FILE}"
-chmod 644 "${VERSION_FILE}"
+chmod 640 "${VERSION_FILE}"
 
 # if /pihole.docker.tag file exists, we will use it's value later in this script
 DOCKER_TAG=$(cat /pihole.docker.tag 2>/dev/null)
diff --git a/advanced/Templates/pihole-FTL-prestart.sh b/advanced/Templates/pihole-FTL-prestart.sh
index b9945f8b..f0bbe09a 100755
--- a/advanced/Templates/pihole-FTL-prestart.sh
+++ b/advanced/Templates/pihole-FTL-prestart.sh
@@ -23,9 +23,6 @@ chmod 0644 /etc/pihole/logrotate
 # allow all users to enter the directories
 chmod 0755 /etc/pihole /var/log/pihole
 
-# allow all users read version file
-chmod 0664 /etc/pihole/versions
-
 # allow pihole to access subdirs in /etc/pihole (sets execution bit on dirs)
 # credits https://stackoverflow.com/a/11512211
 find /etc/pihole/ -type d -exec chmod 0755 {} \;