Mistral's ansible action writes files to tmp
Bug #1719783 reported by
Flavio Percoco
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| tripleo |
Invalid
|
High
|
Luke Hinds | ||
Bug Description
Mistral's ansible action (in tripleo_common) writes inventory files, keys and playbooks to `/tmp`. Writing files to `/tmp` has caused several CVEs in the past and it'd be better for us to not use it at all.
To fix this issue, we should write these files to a different location (/var/tmp? /home/{
I'm filing this bug to keep track of this issue and, hopefully, work on a solution as soon as possible.
| Changed in tripleo: | |
| importance: | Undecided → Medium |
| milestone: | none → queens-2 |
| tags: | added: tech-debt |
| Changed in tripleo: | |
| assignee: | nobody → Aizuddin Zali (mymzbe) |
| assignee: | Aizuddin Zali (mymzbe) → nobody |
| Changed in tripleo: | |
| importance: | Medium → High |
| status: | New → Triaged |
| tags: | added: security-hardening |
| Changed in tripleo: | |
| milestone: | queens-2 → queens-3 |
| Changed in tripleo: | |
| milestone: | queens-3 → queens-rc1 |
| Changed in tripleo: | |
| milestone: | queens-rc1 → rocky-1 |
| Changed in tripleo: | |
| assignee: | nobody → Luke Hinds (lhinds) |
| Changed in tripleo: | |
| milestone: | rocky-1 → rocky-2 |
| Changed in tripleo: | |
| milestone: | rocky-2 → rocky-3 |
| Changed in tripleo: | |
| milestone: | rocky-3 → rocky-rc1 |
| Changed in tripleo: | |
| milestone: | rocky-rc1 → stein-1 |
| Changed in tripleo: | |
| milestone: | stein-1 → stein-2 |
| Changed in tripleo: | |
| milestone: | stein-2 → stein-3 |
Revision history for this message
| Juan Antonio Osorio Robles (juan-osorio-robles) wrote | #1 |
| Changed in tripleo: | |
| status: | Triaged → Invalid |
To post a comment you must log in.
This is no longer the case.