[Bug 1820992] Re: Package installs files with loose permissions

Chris MacNaughton 1820992 at bugs.launchpad.net
Fri Mar 22 07:31:25 UTC 2019


It looks like the package does install the /etc/keystone directory as
750 so I'm marking this as invalid

** Changed in: charm-keystone
       Status: New => Invalid

** Changed in: keystone (Ubuntu)
       Status: Triaged => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to keystone in Ubuntu.
https://bugs.launchpad.net/bugs/1820992

Title:
  Package installs files with loose permissions

Status in OpenStack keystone charm:
  Invalid
Status in keystone package in Ubuntu:
  Invalid

Bug description:
  The OpenStack Security Guide [1] suggests that the listed files should
  have permissions of 640 (or tighter), below are files delivered via
  the package that differ from that recommendation:

  - /etc/keystone/keystone.conf
  - /etc/keystone/keystone-paste.ini
  - /etc/keystone/logging.conf

  [1]: https://docs.openstack.org/security-guide/identity/checklist.html
  #check-identity-02-are-strict-permissions-set-for-identity-
  configuration-files

  This is on a fresh Bionic (Queens) package

To manage notifications about this bug go to:
https://bugs.launchpad.net/charm-keystone/+bug/1820992/+subscriptions



More information about the Ubuntu-openstack-bugs mailing list