keystone: CVE-2012-5483 - linux/meta-cloud-services.git - Mirror of git.yoctoproject.org/meta-cloud-services.git

diff options

author	Amy Fong <amy.fong@windriver.com>	2014-05-07 14:16:11 -0400
committer	Bruce Ashfield <bruce.ashfield@windriver.com>	2014-05-08 14:04:34 -0400
commit	e296e1379166fef18f80f0d4d0434111ae463441 (patch)
tree	35942fa8b2530032cb032c4d3e564cb6927dd355 /meta-openstack/recipes-connectivity/open-iscsi
parent	59a83fa1d29006720d871285c857920fe4f9e68b (diff)
download	meta-cloud-services-e296e1379166fef18f80f0d4d0434111ae463441.tar.gz

keystone: CVE-2012-5483

tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading administrative access and secret values from this file. Modify /etc/keystone to have permission 750 Signed-off-by: Amy Fong <amy.fong@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>

Diffstat (limited to 'meta-openstack/recipes-connectivity/open-iscsi')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: