[Bug 862844] Re: Glance config files and logs are world-readable

[Ubuntu QA's Bug Bot]

The attachment "glance.debdiff" of this bug report has been identified
as being a patch in the form of a debdiff.  The ubuntu-sponsors team has
been subscribed to the bug report so that they can review and hopefully
sponsor the debdiff.  In the event that this is in fact not a patch you
can resolve this situation by removing the tag 'patch' from the bug
report and editing the attachment so that it is not flagged as a patch.
Additionally, if you are member of the ubuntu-sponsors please also
unsubscribe the team from this bug report.

[This is an automated message performed by a Launchpad user owned by
Brian Murray.  Please contact him regarding any issues with the action
taken in this bug report.]

** Tags added: patch

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/862844

Title:
  Glance config files and logs are world-readable

Status in “glance” package in Ubuntu:
  In Progress
Status in “glance” source package in Oneiric:
  In Progress

Bug description:
  /etc/glance/glance-regsitry.conf may contain database credentials
  (sql_connection).  /etc/glance/glance-api.conf may contain credentials
  for various storage backends (swift, s3).   It appears both may also
  contain keystone tokens.  All of these files are installed world-
  readable (0644)

  When verbose logging is enabled (it is by default), these settings are
  logged in corresponding log files in /var/log/glance  on service
  startup.  These logfiles are also created readable by anyone.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glance/+bug/862844/+subscriptions