2023-04-21 01:37:10 |
Ghada Khalil |
description |
Brief Description
-----------------
The playbook that migrates certificates to cert-manager leaves a temporary file with specs for the certificate issuer. This file contain sensible data about the issuer, should be handled with care and deleted when it isn't required anymore.
Severity
--------
Minor.
Steps to Reproduce
------------------
- Follow the steps in https://docs.starlingx.io/security/kubernetes/migrate-platform-certificates-to-use-cert-manager-c0b1727e4e5d.html.
- List the files inside '/tmp' folder. Observe that the playbook created the file 'platform_certificates.yaml' and it doesn't remove it.
Expected Behavior
------------------
After the execution of the playbook, the file should be deleted.
Actual Behavior
----------------
File is created and readable by any logged user.
Reproducibility
---------------
100%.
System Configuration
--------------------
Simplex.
Branch/Pull Time/Commit
-----------------------
Master.
Last Pass
---------
NA.
Timestamp/Logs
--------------
NA
Test Activity
-------------
Developer Testing
Workaround
----------
Remove the file manually. |
Brief Description
-----------------
The playbook that migrates certificates to cert-manager leaves a temporary file with specs for the certificate issuer. This file contain sensitive data about the issuer, should be handled with care and deleted when it isn't required anymore.
Severity
--------
Minor.
Steps to Reproduce
------------------
- Follow the steps in https://docs.starlingx.io/security/kubernetes/migrate-platform-certificates-to-use-cert-manager-c0b1727e4e5d.html.
- List the files inside '/tmp' folder. Observe that the playbook created the file 'platform_certificates.yaml' and it doesn't remove it.
Expected Behavior
------------------
After the execution of the playbook, the file should be deleted.
Actual Behavior
----------------
File is created and readable by any logged user.
Reproducibility
---------------
100%.
System Configuration
--------------------
Simplex.
Branch/Pull Time/Commit
-----------------------
Master.
Last Pass
---------
NA.
Timestamp/Logs
--------------
NA
Test Activity
-------------
Developer Testing
Workaround
----------
Remove the file manually. |
|