Project

Profile

Help

Issue #614

closed

~/.pulp/ is world readable

Added by bmbouter over 9 years ago. Updated about 5 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
High
Assignee:
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
3. High
Version:
2.5
Platform Release:
2.6.0
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:

Description

~/.pulp/ has permissions 775 which is insecure.

I expect ~/.pulp/ to have permissions 700 so that other users cannot read files within here. This is important for another bug [0] BZ 1159067 which puts username/password info into ~/.pulp/admin.conf

We can't automatically secure ~/.pulp/admin.conf because the user creates that file. We should set 700 on the folder level.

[0]: https://bugzilla.redhat.com/show_bug.cgi?id=1159067

+ This bug was cloned from Bugzilla Bug #1163451 +

Also available in: Atom PDF