[Openstack-security] [Bug 1556231] Re: Rootwrap configuration has incorrect ownership
Jesse Pretorius
jesse.pretorius at gmail.com
Mon Apr 4 11:31:03 UTC 2016
** Changed in: openstack-ansible/trunk
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1556231
Title:
Rootwrap configuration has incorrect ownership
Status in openstack-ansible:
Fix Released
Status in openstack-ansible kilo series:
Fix Released
Status in openstack-ansible liberty series:
Fix Released
Status in openstack-ansible trunk series:
Fix Released
Bug description:
The /etc/<openstack_service>/rootwrap.conf file and
/etc/<openstack_service>/rootwrap.d directory and its contents created
by the Nova, Neutron, Cinder and Ceilomer playbooks/roles are
incorrectly owned by a user other than root.
This is a security vulnerability inasmuch as it may allow users with
lower privileges to modify the rootwrap configuration and escalate
privileges.
To manage notifications about this bug go to:
https://bugs.launchpad.net/openstack-ansible/+bug/1556231/+subscriptions
More information about the Openstack-security
mailing list