sysinv.conf.default is readable to all users
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Medium
|
Bin Qian |
Bug Description
Brief Description
-----------------
/opt/platform/
controller-0:~$ ls /opt/platform/
-rw-r--r-- 1 root root 1830 Oct 23 21:52 /opt/platform/
This file should be created as owned by sysinv and only read/write to sysinv (i.e, 0600).
Severity
--------
Critical
Steps to Reproduce
------------------
In any load,
ls /opt/platform/
Expected Behavior
------------------
the file should not be readable to user other than sysinv or with root privilege
Reproducibility
---------------
all system
System Configuration
-------
any
Branch/Pull Time/Commit
-------
master
Last Pass
---------
none
Timestamp/Logs
--------------
N/A
Test Activity
-------------
information type: | Private Security → Public Security |
stx.3.0 / medium priority - would be nice to fix to close the security concern.