conn-check output generated by charm is world-readable and contains secrets

Bug #1447935 reported by Tom Haddon on 2015-04-24
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
conn-check
High
Simon Davy

Bug Description

I'm not sure if this is the right place to file this bug, but...

On the sca-app instance on production, /srv/conn-check/config.yaml is world-readable and contains secrets (PostgreSQL and AMQP passwords). Any secrets should be in a file with locked down permissions, and at the very minimum not be world readable.

Tom Haddon (mthaddon) on 2015-04-24
summary: - conn-check output generate by charm is world-readable and contains
+ conn-check output generated by charm is world-readable and contains
secrets
Changed in software-center-agent:
status: New → Confirmed
status: Confirmed → In Progress
importance: Undecided → Medium
importance: Medium → High
assignee: nobody → Simon Davy (bloodearnest)
Changed in software-center-agent:
status: In Progress → Fix Committed
status: Fix Committed → In Progress
Simon Davy (bloodearnest) wrote :

I've pushed a quick fix, restricting perms to 0600

A better solution might be to not pass the data in the relation at all, and rather pass a path to a file with the data in.

That way, the secrets are never seen by juju or conn-check, and it's easier for the charm to define secrets paths for the confined-role subordinate. Plus, passing yaml-as-a-string in a relation is a bit icky.

Changed in software-center-agent:
status: In Progress → Fix Committed
affects: software-center-agent → conn-check
Wes Mason (wesmason) wrote :

This has been fixed in the latest revisions of juju deploy lp:~ubuntuone-hackers/charms/trusty/conn-check/trunk

Changed in conn-check:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers