** Tags added: drivers scality ** Changed in: cinder Importance: Undecided => Low -- You received this bug notification because you are a member of OpenStack Security, which is subscribed to OpenStack. https://bugs.launchpad.net/bugs/1432003 Title: Files in Scality driver are created world readable/writable Status in Cinder: New Status in OpenStack Security Advisory: Won't Fix Bug description: On this line in the Scality driver: https://github.com/openstack/cinder/blob/master/cinder/volume/drivers/scality.py#L124 files which are created by the utility function are set to word readable and writable. This function is utilized in the following cases: - volume creation: https://github.com/openstack/cinder/blob/master/cinder/volume/drivers/scality.py#L156 - snapshot creation: https://github.com/openstack/cinder/blob/master/cinder/volume/drivers/scality.py#L178 - volume extension: https://github.com/openstack/cinder/blob/master/cinder/volume/drivers/scality.py#L289 While it's possible that these files are supposed to be created in a directory which is protected, files should always be restricted according to the principle of least privilege. If these files are created in a directory without restricted permissions, any user on the system can tamper with these volumes and snapshots. To manage notifications about this bug go to: https://bugs.launchpad.net/cinder/+bug/1432003/+subscriptions