diff options
| author | Amy Fong <amy.fong@windriver.com> | 2014-05-07 14:16:11 -0400 |
|---|---|---|
| committer | Bruce Ashfield <bruce.ashfield@windriver.com> | 2014-05-08 14:04:34 -0400 |
| commit | e296e1379166fef18f80f0d4d0434111ae463441 (patch) | |
| tree | 35942fa8b2530032cb032c4d3e564cb6927dd355 /meta-openstack | |
| parent | 59a83fa1d29006720d871285c857920fe4f9e68b (diff) | |
| download | meta-cloud-services-e296e1379166fef18f80f0d4d0434111ae463441.tar.gz | |
keystone: CVE-2012-5483
tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon
Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable
permissions for /etc/keystone/ec2rc, which allows local users to obtain
access to EC2 services by reading administrative access and secret values
from this file.
Modify /etc/keystone to have permission 750
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Diffstat (limited to 'meta-openstack')
| -rw-r--r-- | meta-openstack/recipes-devtools/python/python-keystone_git.bb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/meta-openstack/recipes-devtools/python/python-keystone_git.bb b/meta-openstack/recipes-devtools/python/python-keystone_git.bb index da6cfb4..c0522f8 100644 --- a/meta-openstack/recipes-devtools/python/python-keystone_git.bb +++ b/meta-openstack/recipes-devtools/python/python-keystone_git.bb | |||
| @@ -28,7 +28,7 @@ do_install_append() { | |||
| 28 | 28 | ||
| 29 | KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone | 29 | KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone |
| 30 | 30 | ||
| 31 | install -d ${KEYSTONE_CONF_DIR} | 31 | install -m 750 -d ${KEYSTONE_CONF_DIR} |
| 32 | 32 | ||
| 33 | install -d ${D}${localstatedir}/log/${SRCNAME} | 33 | install -d ${D}${localstatedir}/log/${SRCNAME} |
| 34 | 34 | ||