devstack

Overview
Code
Bugs
Blueprints
Translations
Answers

Bug #1168252
Comment #12

Comment 12 for bug 1168252

Revision history for this message

Robert Clark (robert-clark) wrote on 2013-04-24:

#12

DRAFT: Keystone configuration should not be world readable
---

### Summary ###
In some deployments keystone.conf which contains confidential information, is set to world readable.

### Affected Services / Software ###
Keystone, DevStack

### Discussion ###
It is important that deployers of OpenStack ensure that keystone.conf is not world readable. In some deployments the keystone configuration file is readable by all users (and processes) on the installation system.

### Recommended Actions ###
Ensure that in your deployment keystone.conf is not world readable.

### Contacts / References ###
This OSSN : https://bugs.launchpad.net/ossn/+bug/1168252
Original LAunchPad Bug : https://bugs.launchpad.net/devstack/+bug/1168252
OpenStack Security ML : <email address hidden>
OpenStack Security Group : https://launchpad.net/~openstack-ossg