[Bug 1820992] Re: Package installs files with loose permissions

Chris MacNaughton 1820992 at bugs.launchpad.net
Wed Mar 20 11:08:19 UTC 2019


It is also recommended that the files be owned by keystone:keystone
rather than root:root

** Also affects: charm-keystone
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to keystone in Ubuntu.
https://bugs.launchpad.net/bugs/1820992

Title:
  Package installs files with loose permissions

Status in OpenStack keystone charm:
  New
Status in keystone package in Ubuntu:
  New

Bug description:
  The OpenStack Security Guide [1] suggests that the listed files should
  have permissions of 640 (or tighter), below are files delivered via
  the package that differ from that recommendation:

  - /etc/keystone/keystone.conf
  - /etc/keystone/keystone-paste.ini
  - /etc/keystone/logging.conf

  [1]: https://docs.openstack.org/security-guide/identity/checklist.html
  #check-identity-02-are-strict-permissions-set-for-identity-
  configuration-files

  This is on a fresh Bionic (Queens) package

To manage notifications about this bug go to:
https://bugs.launchpad.net/charm-keystone/+bug/1820992/+subscriptions



More information about the Ubuntu-openstack-bugs mailing list