OpenStack + Chef

heat.conf should not be readable from other users

Bug #1370870 reported by LeileiZhou on 2014-09-18

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack + Chef	Fix Released	High	LeileiZhou

Bug Description

Mode for heat.conf is set as 644. However in this file contains some secrete information such as:
/etc/heat/heat.conf
qpid_password=
sql_connection=
[keystone_authtoken]
admin_password=keystone_password

Those information should not be readable from other unauthorized users.

LeileiZhou (leileiz) on 2014-09-18

Changed in openstack-chef:
assignee:	nobody → LeileiZhou (leileiz)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-09-18: Fix proposed to cookbook-openstack-orchestration (master)

Fix proposed to branch: master
Review: https://review.openstack.org/122322

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-09-18: Fix merged to cookbook-openstack-orchestration (master)

Reviewed: https://review.openstack.org/122322
Committed: https://git.openstack.org/cgit/stackforge/cookbook-openstack-orchestration/commit/?id=eea627edda76e14aec07b9ececf4f81a265875a5
Submitter: Jenkins
Branch: master

commit eea627edda76e14aec07b9ececf4f81a265875a5
Author: leileiz <email address hidden>
Date: Thu Sep 18 01:55:49 2014 -0400

Update heat.conf permission

To avoid unauthorized users to read secrete information in
heat.conf, heat.conf should be set as 640 instead of 644.

Fix bug 1370870
Change-Id: I02756cea10113ca89ddeaa9232d04c75380756e8

Mark Vanderwiel (vanderwl) on 2014-10-08

Changed in openstack-chef:
status:	New → Fix Released
importance:	Undecided → High

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.