[Openstack-security] [Bug 1556231] Re: Rootwrap configuration has incorrect ownership
Kevin Carter
kevin.carter at rackspace.com
Fri Mar 11 18:26:51 UTC 2016
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1556231
Title:
Rootwrap configuration has incorrect ownership
Status in openstack-ansible:
Fix Committed
Status in openstack-ansible kilo series:
Confirmed
Status in openstack-ansible liberty series:
Confirmed
Status in openstack-ansible trunk series:
Fix Committed
Bug description:
The /etc/<openstack_service>/rootwrap.conf file and
/etc/<openstack_service>/rootwrap.d directory and its contents created
by the Nova, Neutron, Cinder and Ceilomer playbooks/roles are
incorrectly owned by a user other than root.
This is a security vulnerability inasmuch as it may allow users with
lower privileges to modify the rootwrap configuration and escalate
privileges.
To manage notifications about this bug go to:
https://bugs.launchpad.net/openstack-ansible/+bug/1556231/+subscriptions
More information about the Openstack-security
mailing list