Comment 23 for bug 1260679

Proposed impact description:

-----------------------
Title: Multiple Cinder drivers set insecure file permissions
Reporter: Dirk Mueller (SUSE)
Products: Cinder
Affects: All supported versions

Description:
Dirk Mueller from SUSE reported that GPFS, Huawei, Scality and Nexenta Cinder drivers were setting insecure file permissions for various files. A local attacker with shell access to the Cinder host could read and write those files, which may result in disclosure or corruption of block storage users information. Only Cinder setups using the GPFS, Huawei, Scality or Nexenta drivers are affected.