Nagios Charm

Password(s) stored on file(s) readable by anyone

Bug #1811997 reported by Alvaro Uria on 2019-01-16

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Nagios Charm	Fix Released	Critical	Unassigned

Bug Description

update_password write a file with default perms (generally, 644). Password should be stored on a file with perms 0400.
"""
nagios-1:~$ ls -l /var/lib/juju/nagios.*
-rw-r--r-- 1 root root 12 Nov 21 15:26 /var/lib/juju/nagios.nagiosadmin.passwd
-rw-r--r-- 1 root root 12 Nov 21 15:26 /var/lib/juju/nagios.nagiosro.passwd
-r-------- 1 root root 11 Aug 2 22:53 /var/lib/juju/nagios.passwd
"""

https://git.launchpad.net/nagios-charm/tree/hooks/upgrade-charm#n332

Tags:

Related branches

~aieri/charm-nagios:bug/1811997

Merged into ~nagios-charmers/charm-nagios:master at revision ac353d33f77c7d62d42c0cc5526b07669736ee30

Xav Paice (community): Approve on 2020-02-16

Giuseppe Petralia: Approve on 2020-01-30

Canonical IS Reviewers: Pending requested 2020-01-27

Junien F (axino) on 2019-06-06

Changed in nagios-charm:
importance:	Undecided → Critical
status:	New → Triaged

Aurelien Lourot (aurelien-lourot) on 2020-01-27

Changed in nagios-charm:
status:	Triaged → In Progress
assignee:	nobody → Aurelien Lourot (aurelien-lourot)

Andrea Ieri (aieri) on 2020-01-27

Changed in nagios-charm:
status:	In Progress → Fix Committed

Aurelien Lourot (aurelien-lourot) on 2020-01-28

Changed in nagios-charm:
assignee:	Aurelien Lourot (aurelien-lourot) → nobody

Andrea Ieri (aieri) on 2020-01-28

Changed in nagios-charm:
status:	Fix Committed → In Progress

Xav Paice (xavpaice) on 2020-03-01

Changed in charm-nagios:
status:	In Progress → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.