[Openstack-security] [Bug 1556231] Re: Rootwrap configuration has incorrect ownership
OpenStack Infra
1556231 at bugs.launchpad.net
Fri Mar 11 19:15:16 UTC 2016
Fix proposed to branch: kilo
Review: https://review.openstack.org/291868
** Changed in: openstack-ansible/kilo
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1556231
Title:
Rootwrap configuration has incorrect ownership
Status in openstack-ansible:
Fix Committed
Status in openstack-ansible kilo series:
In Progress
Status in openstack-ansible liberty series:
In Progress
Status in openstack-ansible trunk series:
Fix Committed
Bug description:
The /etc/<openstack_service>/rootwrap.conf file and
/etc/<openstack_service>/rootwrap.d directory and its contents created
by the Nova, Neutron, Cinder and Ceilomer playbooks/roles are
incorrectly owned by a user other than root.
This is a security vulnerability inasmuch as it may allow users with
lower privileges to modify the rootwrap configuration and escalate
privileges.
To manage notifications about this bug go to:
https://bugs.launchpad.net/openstack-ansible/+bug/1556231/+subscriptions
More information about the Openstack-security
mailing list