Issue #614: ~/.pulp/ is world readable - Pulp

Actions

Send by e-mail Copy link

Issue #614

closed

~/.pulp/ is world readable

Added by bmbouter about 9 years ago. Updated about 5 years ago.

Status:

CLOSED - CURRENTRELEASE

Priority:

High

Assignee:

mhrivnak

Category:

Sprint/Milestone:

Start date:

Due date:

Estimated time:

Severity:

3. High

Version:

2.5

Platform Release:

2.6.0

OS:

Triaged:

Yes

Groomed:

Sprint Candidate:

Tags:

Pulp 2

Sprint:

Quarter:

Description

~/.pulp/ has permissions 775 which is insecure.

I expect ~/.pulp/ to have permissions 700 so that other users cannot read files within here. This is important for another bug [0] BZ 1159067 which puts username/password info into ~/.pulp/admin.conf

We can't automatically secure ~/.pulp/admin.conf because the user creates that file. We should set 700 on the folder level.

[0]: https://bugzilla.redhat.com/show_bug.cgi?id=1159067

+ This bug was cloned from Bugzilla Bug #1163451 +

Actions

Send by e-mail Copy link

Also available in: Atom PDF

Project

Profile

Help

Pulp

Agile boards

Custom queries

Issue #614

~/.pulp/ is world readable

Updated by mhrivnak about 9 years ago

Updated by cduryee about 9 years ago

Updated by igulina@redhat.com about 9 years ago

Updated by bmbouter about 9 years ago

Updated by rbarlow almost 9 years ago

Updated by bmbouter about 5 years ago