[oslo][security] Are config files vetted for ownership/permissions?
When $service loads up a config file like /etc/nova/nova.conf via oslo.config, is there anything that makes sure the dir and/or file are owned by the process user/group and have appropriate permissions? E.g. to prevent $hacker from modifying/replacing config opts and making $service do horrible things to my system/cloud. (I'm less concerned with $hacker seeing passwords etc., though I expect we would be accounting for both or neither.)

efried
.
On 2019-10-18 17:18:25 -0500 (-0500), Eric Fried wrote:
> When $service loads up a config file like /etc/nova/nova.conf via oslo.config, is there anything that makes sure the dir and/or file are owned by the process user/group and have appropriate permissions? E.g. to prevent $hacker from modifying/replacing config opts and making $service do horrible things to my system/cloud. (I'm less concerned with $hacker seeing passwords etc., though I expect we would be accounting for both or neither.)
As with most software, taking care of this is generally up to whoever implements deployment and packaging solutions. Those are in the best position to know what user and group IDs have been created for this purpose, and to set permissions and ownership for them accordingly. If you're asking whether any of our software implements "this conffile's permissions are too loose!" warnings (like how OpenSSH refuses to start if your private key is world-readable), I'm not aware of any, no.

--
Jeremy Stanley
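For reference, the kind of "permissions are too loose" check discussed in this thread could look like the following. This is an added example, not part of either message and not code from oslo.config; the function name `check_conffile` and its parameters are assumptions made for illustration.

```python
import os
import stat


def check_conffile(path, uid=None, trusted_uids=(0,)):
    """Return a list of problems found on a config file and its directory.

    uid: account expected to own the file (default: effective uid of this
    process). trusted_uids: other acceptable owners, root by default.
    Both parameter names are hypothetical, chosen for this example.
    """
    uid = os.geteuid() if uid is None else uid
    allowed = set(trusted_uids) | {uid}
    problems = []

    # lstat first: a symlink can be repointed by whoever owns the link.
    if stat.S_ISLNK(os.lstat(path).st_mode):
        problems.append(f"{path}: is a symlink")

    real = os.path.realpath(path)
    for target, kind in ((real, "file"), (os.path.dirname(real), "dir")):
        st = os.stat(target)
        if st.st_uid not in allowed:
            problems.append(f"{target}: {kind} owned by uid {st.st_uid}")
        # Write access for group/other lets a non-owner change options;
        # on the directory it allows replacing the file outright.
        if st.st_mode & stat.S_IWOTH:
            problems.append(f"{target}: {kind} is world-writable")
        if st.st_mode & stat.S_IWGRP:
            problems.append(f"{target}: {kind} is group-writable")
        # Read access for other exposes passwords kept in the file.
        if kind == "file" and st.st_mode & stat.S_IROTH:
            problems.append(f"{target}: file is world-readable")
    return problems


if __name__ == "__main__":
    import sys
    for finding in check_conffile(sys.argv[1]):
        print("WARNING:", finding)
```

A service could log these findings as warnings at startup or, as OpenSSH does for private keys, refuse to start when the list is non-empty.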