txlongpoll.yaml contains password but is world readable
Bug #1254034 reported by
James Troup
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
maas (Ubuntu) |
Fix Released
|
Undecided
|
Andres Rodriguez |
Bug Description
/etc/maas/
| nobody@polong:/$ cat /etc/maas/
[...]
| ## Message broker configuration.
| #
| broker:
| host: "localhost"
| port: 5672
| username: "maas_longpoll"
| password: "XXXXXXXXXXXXXX
^^^^
| vhost: "/maas_longpoll"
|
| ## Where to log. This log can be rotated by sending SIGUSR1 to the
| ## running server.
| #
| # logfile: "txlongpoll.log"
| logfile: "/var/log/
| nobody@polong:/$
information type: | Private Security → Public Security |
To post a comment you must log in.
james@polong:~$ dpkg -c /var/cache/ apt/archives/ maas-region- controller_ 1.2+bzr1373+ dfsg-0ubuntu1~ 12.04.4_ all.deb | grep txlongpoll.yaml txlongpoll. yaml
-rw-r--r-- root/root 856 2013-11-02 06:23 ./etc/maas/