[Bug 862816] [NEW] /var/log/nova/* is world-readable
Adam Gandelman
862816 at bugs.launchpad.net
Thu Sep 29 21:38:50 UTC 2011
Public bug reported:
The default nova.conf ships with '--verbose' enabled by default. When
set, each nova-* component logs all configuration flags to their
respective logfile in /var/log/nova/, including any credentials stored
in nova.conf (see attachment). If '--verbose' logging is to be enabled
by default, permissions of logfiles in /var/log/nova should be
restricted to match those of nova.conf (0600, nova:nova)
** Affects: nova (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/862816
Title:
/var/log/nova/* is world-readable
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nova/+bug/862816/+subscriptions
More information about the Ubuntu-server-bugs
mailing list