diff --git a/entrypoint.sh b/entrypoint.sh
index ee4950c4..de80d21c 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -564,6 +564,7 @@ if [[ ${SMTP_ENABLED} == true ]]; then
 fi
 
 # configure mail_room IMAP settings
+echo "mail_room_enabled=${GITLAB_INCOMING_EMAIL_ENABLED}" >> /etc/default/gitlab
 sed 's/{{GITLAB_INCOMING_EMAIL_ENABLED}}/'"${GITLAB_INCOMING_EMAIL_ENABLED}"'/' -i /etc/supervisor/conf.d/mail_room.conf
 sudo -HEu ${GITLAB_USER} sed 's/{{GITLAB_INCOMING_EMAIL_ENABLED}}/'"${GITLAB_INCOMING_EMAIL_ENABLED}"'/' -i config/gitlab.yml
 sudo -HEu ${GITLAB_USER} sed 's/{{GITLAB_INCOMING_EMAIL_ADDRESS}}/'"${GITLAB_INCOMING_EMAIL_ADDRESS}"'/' -i config/gitlab.yml
@@ -840,7 +841,7 @@ chown ${GITLAB_USER}:${GITLAB_USER} ${GITLAB_BACKUP_DIR}
 
 # create the uploads directory
 mkdir -p ${GITLAB_DATA_DIR}/uploads/
-chmod -R u+rwX ${GITLAB_DATA_DIR}/uploads/
+chmod 0750 ${GITLAB_DATA_DIR}/uploads/
 chown ${GITLAB_USER}:${GITLAB_USER} ${GITLAB_DATA_DIR}/uploads/
 
 # create the .ssh directory
@@ -973,8 +974,10 @@ appSanitize () {
   chown -R ${GITLAB_USER}:${GITLAB_USER} ${GITLAB_BUILDS_DIR}
 
   echo "Checking uploads directory permissions..."
-  chmod -R u+rwX ${GITLAB_DATA_DIR}/uploads/
-  chown ${GITLAB_USER}:${GITLAB_USER} -R ${GITLAB_DATA_DIR}/uploads/
+  chmod -R 0750 ${GITLAB_DATA_DIR}/uploads/
+  find ${GITLAB_DATA_DIR}/uploads -type f -exec chmod 0644 {} \;
+  find ${GITLAB_DATA_DIR}/uploads -type d -not -path ${GITLAB_DATA_DIR}/uploads -exec chmod 0755 {} \;
+  chown ${GITLAB_USER}:${GITLAB_USER} ${GITLAB_DATA_DIR}/uploads/
 
   echo "Checking tmp directory permissions..."
   chmod -R u+rwX ${GITLAB_DATA_DIR}/tmp/