[Bug 1820992] Re: Package installs files with loose permissions
Chris MacNaughton
1820992 at bugs.launchpad.net
Fri Mar 22 07:31:25 UTC 2019
It looks like the package does install the /etc/keystone directory as
750 so I'm marking this as invalid
** Changed in: charm-keystone
Status: New => Invalid
** Changed in: keystone (Ubuntu)
Status: Triaged => Invalid
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to keystone in Ubuntu.
https://bugs.launchpad.net/bugs/1820992
Title:
Package installs files with loose permissions
Status in OpenStack keystone charm:
Invalid
Status in keystone package in Ubuntu:
Invalid
Bug description:
The OpenStack Security Guide [1] suggests that the listed files should
have permissions of 640 (or tighter), below are files delivered via
the package that differ from that recommendation:
- /etc/keystone/keystone.conf
- /etc/keystone/keystone-paste.ini
- /etc/keystone/logging.conf
[1]: https://docs.openstack.org/security-guide/identity/checklist.html
#check-identity-02-are-strict-permissions-set-for-identity-
configuration-files
This is on a fresh Bionic (Queens) package
To manage notifications about this bug go to:
https://bugs.launchpad.net/charm-keystone/+bug/1820992/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list