Keep config.php group-writable

[lafrech]

Summary

This changes makes config.php group-writable.

This is useful when Nextcloud is installed in a directory with ownership shared between webserver (www-data) and a user with FTP or SSH access, so that the installation/update script may be run as user (CLI) without Nextcloud failing due to www-data not being able to write to the file, or as www-data (from web interface) without the user being unable to move/delete the file from their own cloud space (e.g. to delete Nextcloud).

One may use the setgid bit to ensure all files are owned by a common group, or ACL to ensure user and www-data can read/write all files, but the current chmod break that.

This change keeps the config not readable by others, as specified in the comment.

(See https://help.nextcloud.com/t/installing-nextcloud-in-user-home-directory-on-shared-server/238081/3.)

Checklist

• Code is properly formatted
• Sign-off message is added to all commits
• Tests (unit, integration, api and/or acceptance) are included
• Screenshots before/after for front-end changes
• Documentation (manuals or wiki) has been updated or is not required
• Backports requested where applicable (ex: critical bugfixes)
• Labels added where applicable (ex: bug/enhancement, 3. to review, feature component)
• Milestone added for target branch/version (ex: 32.x for stable32)

[CarlSchwan]

I don't think this is a great idea in term of security. What do you think @nextcloud/security ?

[lafrech]

All the other files are group-writable so anyone in the owning group can do pretty much anything already. (At least in my own installation, but I think this is standard.)

Depending on the installation, the owning group should be www-data, the user's default group, or a dedicated group created on purpose.

But I'm interested in the security team's POV, as I have no expertise in Nextcloud administration.

[nickvergessen]

✔️ My local dev environment has the same patch applied since a long time 🙈
I hesitated to send it as a patch, as it feels off.

All the other files are group-writable so anyone in the owning group can do pretty much anything already. (At least in my own installation, but I think this is standard.)

That is not recommended and also documented like that in step 13 of the update manual:
https://docs.nextcloud.com/server/stable/admin_manual/maintenance/manual_upgrade.html#step-by-step-manual-upgrade

---

But long story short, we can do the same trick as with the log file and add a config that has the permissions:

server/config/config.sample.php

Lines 1088 to 1093 in dd6a947

	/**
	* Log file mode for the Nextcloud logging type in octal notation.
	*
	* Defaults to ``0640`` (writable by user, readable by group).
	*/
	'logfilemode' => 0640,

[lafrech]

But long story short, we can do the same trick as with the log file and add a config that has the permissions:

Yes. I didn't know about logfilemode. It makes sense to do the same for the config file.