Do not tolerate world readable os-collect-config.conf
Bug #1463409 reported by
Attila Fazekas
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
os-collect-config |
Confirmed
|
High
|
Steve Baker |
Bug Description
/etc/os-
1. It must be installed without world readability.
2. The os-collect-config should refuse the operations when the file is world readable.
Changed in os-collect-config: | |
status: | New → Confirmed |
importance: | Undecided → High |
Changed in os-collect-config: | |
assignee: | nobody → Steve Baker (steve-stevebaker) |
To post a comment you must log in.
I think the initial installation of /etc/os- collect- config. conf can be world-readable since it contains no secrets, but os-apply-config needs to reduce permissions when it overwrites the file.