[Bug 1820992] [NEW] Package installs files with loose permissions
Chris MacNaughton
1820992 at bugs.launchpad.net
Wed Mar 20 11:07:38 UTC 2019
Public bug reported:
The OpenStack Security Guide [1] suggests that the listed files should
have permissions of 640 (or tighter), below are files delivered via the
package that differ from that recommendation:
- /etc/keystone/keystone.conf
- /etc/keystone/keystone-paste.ini
- /etc/keystone/logging.conf
[1]: https://docs.openstack.org/security-guide/identity/checklist.html
#check-identity-02-are-strict-permissions-set-for-identity-
configuration-files
This is on a fresh Bionic (Queens) package
** Affects: charm-keystone
Importance: Undecided
Status: New
** Affects: keystone (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to keystone in Ubuntu.
https://bugs.launchpad.net/bugs/1820992
Title:
Package installs files with loose permissions
Status in OpenStack keystone charm:
New
Status in keystone package in Ubuntu:
New
Bug description:
The OpenStack Security Guide [1] suggests that the listed files should
have permissions of 640 (or tighter), below are files delivered via
the package that differ from that recommendation:
- /etc/keystone/keystone.conf
- /etc/keystone/keystone-paste.ini
- /etc/keystone/logging.conf
[1]: https://docs.openstack.org/security-guide/identity/checklist.html
#check-identity-02-are-strict-permissions-set-for-identity-
configuration-files
This is on a fresh Bionic (Queens) package
To manage notifications about this bug go to:
https://bugs.launchpad.net/charm-keystone/+bug/1820992/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list