Password(s) stored on file(s) readable by anyone
Bug #1811997 reported by
Alvaro Uria
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Nagios Charm |
Fix Released
|
Critical
|
Unassigned |
Bug Description
update_password write a file with default perms (generally, 644). Password should be stored on a file with perms 0400.
"""
nagios-1:~$ ls -l /var/lib/
-rw-r--r-- 1 root root 12 Nov 21 15:26 /var/lib/
-rw-r--r-- 1 root root 12 Nov 21 15:26 /var/lib/
-r-------- 1 root root 11 Aug 2 22:53 /var/lib/
"""
https:/
Related branches
~aieri/charm-nagios:bug/1811997
Merged
into
~nagios-charmers/charm-nagios:master
at
revision ac353d33f77c7d62d42c0cc5526b07669736ee30
- Xav Paice (community): Approve
- Giuseppe Petralia: Approve
- Canonical IS Reviewers: Pending requested
-
Diff: 12 lines (+1/-0)1 file modifiedhooks/upgrade-charm (+1/-0)
Changed in nagios-charm: | |
importance: | Undecided → Critical |
status: | New → Triaged |
Changed in nagios-charm: | |
status: | Triaged → In Progress |
assignee: | nobody → Aurelien Lourot (aurelien-lourot) |
Changed in nagios-charm: | |
status: | In Progress → Fix Committed |
Changed in nagios-charm: | |
assignee: | Aurelien Lourot (aurelien-lourot) → nobody |
Changed in nagios-charm: | |
status: | Fix Committed → In Progress |
Changed in charm-nagios: | |
status: | In Progress → Fix Released |
To post a comment you must log in.