[Openstack-security] [Bug 1129748] Re: image files in _base should not be world-readable
Jeremy Stanley
fungi at yuggoth.org
Mon Feb 29 16:20:24 UTC 2016
The way I would usually expect distributions to try and solve situations
like this is to define a common openstack-images system group, add the
nova and qemu users to it, make the containing directory setgid owned by
nova with group openstack-images, and set an appropriately strict umask
when calling nova so that it creates group-readable but non-world-
readable files. As long as there are ways to convince nova to obey
setgid and umask (assuming it doesn't already), this should be doable,
right?
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1129748
Title:
image files in _base should not be world-readable
Status in OpenStack Compute (nova):
Opinion
Status in OpenStack Security Advisory:
Incomplete
Bug description:
Already public in https://bugzilla.redhat.com/show_bug.cgi?id=896085 ,
so probably no point making this private. But I checked the security
vulnerability box anyway so someone else can decide.
We create image files in /var/lib/nova/instances/_base with default
permissions, usually 644. It would be better to not make the image
files world-readable, in case they contain private data.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1129748/+subscriptions
More information about the Openstack-security
mailing list