pullRemote clone dir permissions are extraneous

[coopernetes]

When Git Proxy is running in a secure environment, the node process is likely running under some sort of user. This user should have local file permissions to create directories for the file-based DB (if used) as well as cloning repositories that are in-flight via Git Proxy. The pullRemote step expects to create a directory under .remote/{timestamp}. Currently, that directory is expected to have full rwx permissions across user, group and everyone/world.

This is generally not best practice. In certain deployment environments such as Openshift, it's explicitly disallowed.

A simple fix is to create a directory with only user permissions which is typically rwxr-xr-x (0755) for directories.

See: https://betterstack.com/community/questions/what-permissions-should-my-website-directory-have-on-linux/

Affected line:

git-proxy/src/proxy/processors/push-action/pullRemote.js

Line 19 in 1f39f10

fs.mkdirSync(action.proxyGitPath, '0777', true);