From 9565984691dd459f4acee48113ea616bda0ddee3 Mon Sep 17 00:00:00 2001
From: Albert Dixon <albertd@gladly.com>
Date: Thu, 2 Nov 2023 11:45:56 -0700
Subject: [PATCH] ensure file permissions on certificate key is secure (#15)

---
 scripts/docker-entrypoint.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/scripts/docker-entrypoint.sh b/scripts/docker-entrypoint.sh
index 06042ee..0ce7755 100755
--- a/scripts/docker-entrypoint.sh
+++ b/scripts/docker-entrypoint.sh
@@ -6,6 +6,7 @@ fi
 
 if test -n "$DATABASE_CLIENT_KEY_B64"; then
   echo "$DATABASE_CLIENT_KEY_B64" | base64 -d >/tmp/client-key.pem
+  chmod 0600 /tmp/client-key.pem
 fi
 
 if test -n "$DATABASE_SERVER_CA_B64"; then