[Openstack-security] [OSSG][OSSN] DRAFT: Keystone configuration should not be world readable

Thierry Carrez thierry at openstack.org
Mon Apr 29 13:16:30 UTC 2013

Previous message (by thread): [Openstack-security] [OSSG][OSSN] DRAFT: Keystone configuration should not be world readable
Next message (by thread): [Openstack-security] [OSSG][OSSN] DRAFT: Keystone configuration should not be world readable
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Clark, Robert Graham wrote:
> Keystone configuration should not be world readable
> [...]
> ### Contacts / References ###
> This OSSN : https://bugs.launchpad.net/ossn/+bug/1168252
> Original LaunchPad Bug : https://bugs.launchpad.net/devstack/+bug/1168252
> OpenStack Security ML : openstack-security at lists.openstack.org
> OpenStack Security Group : https://launchpad.net/~openstack-ossg

Looks good, but should probably also reference the CVE:

CVE-2013-1977  - OpenStack keystone.conf insecure file permissions

Cheers,

-- 
Thierry

Previous message (by thread): [Openstack-security] [OSSG][OSSN] DRAFT: Keystone configuration should not be world readable
Next message (by thread): [Openstack-security] [OSSG][OSSN] DRAFT: Keystone configuration should not be world readable
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Openstack-security mailing list