keystone-signing-nova in tmp
Bug #1177681 reported by
glance
This bug report is a duplicate of:
Bug #1174608: [OSSA 2013-010] Insecure directory creation for signing.
Edit
Remove
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
New
|
Undecided
|
Unassigned |
Bug Description
etc/nova/
[filter:authtoken]
signing_dir = /tmp/keystone-
Thats kinda bad if thats taken by some other dir or maybe a symlink to somewhere...
I would sugest switching to:
/var/lib/
And that is what quantum defaults to.
information type: | Public → Private Security |
To post a comment you must log in.
This is spotted on 1:2013. 1-0ubuntu2~ cloud1