An access weakness occurs when software does not properly implement permissions that could have unintended consequences if exploited by malicious actors. An example of this weakness is when a default username and password are set by the developer but do not get changed by the system administrator.
Ensure that umask is given most restrictive possible setting.
The highlighted line of code below is the trigger point of this particular Alpine 3.6 access weakness.
bool isUTPEnabled; bool isLPDEnabled; bool isBlocklistEnabled; bool isPrefetchEnabled; bool isTorrentDoneScriptEnabled; bool isClosing; bool isClosed; bool isIncompleteFileNamingEnabled; bool isRatioLimited; bool isIdleLimited; bool isIncompleteDirEnabled; bool pauseAddedTorrent; bool deleteSourceTorrent; bool scrapePausedTorrents; uint8_t peer_id_ttl_hours; tr_variant removedTorrents; bool stalledEnabled; bool queueEnabled; int queueSize; int queueStalledMinutes; int umask; unsigned int speedLimit_Bps; bool speedLimitEnabled; struct tr_turtle_info turtle; struct tr_fdInfo * fdInfo; int magicNumber; tr_encryption_mode encryptionMode; tr_preallocation_mode preallocationMode; struct event_base * event_base; struct evdns_base * evdns_base; struct tr_event_handle * events; uint16_t peerLimit; uint16_t peerLimitPerTorrent; int uploadSlotsPerTorrent; /* The UDP sockets used for the DHT and uTP. */ tr_port udp_port;