### Discussion ###
It is important that deployers of OpenStack ensure that keystone.conf is not world readable. In some deployments the keystone configuration file is readable by all users (and processes) on the installation system.
### Recommended Actions ###
Ensure that in your deployment keystone.conf is not world readable.
DRAFT: Keystone configuration should not be world readable
---
### Summary ###
In some deployments keystone.conf which contains confidential information, is set to world readable.
### Affected Services / Software ###
Keystone, DevStack
### Discussion ###
It is important that deployers of OpenStack ensure that keystone.conf is not world readable. In some deployments the keystone configuration file is readable by all users (and processes) on the installation system.
### Recommended Actions ###
Ensure that in your deployment keystone.conf is not world readable.
### Contacts / References ### /bugs.launchpad .net/ossn/ +bug/1168252 /bugs.launchpad .net/devstack/ +bug/1168252 /launchpad. net/~openstack- ossg
This OSSN : https:/
Original LAunchPad Bug : https:/
OpenStack Security ML : <email address hidden>
OpenStack Security Group : https:/