keystone: CVE-2012-5483 - linux/meta-cloud-services.git - Mirror of git.yoctoproject.org/meta-cloud-services.git

diff options

author	Amy Fong <amy.fong@windriver.com>	2014-05-07 14:16:11 -0400
committer	Bruce Ashfield <bruce.ashfield@windriver.com>	2014-05-08 14:30:03 -0400
commit	f1875da73f07825ad468648c6d154478a8673089 (patch)
tree	175ebd1afacad0e684fca495dcfed9e9eff5a917 /meta-openstack/recipes-devtools/python/python-swift_git.bb
parent	1f9d9fea7999feadf14d290fe9545c32fec974aa (diff)
download	meta-cloud-services-f1875da73f07825ad468648c6d154478a8673089.tar.gz

keystone: CVE-2012-5483

tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading administrative access and secret values from this file. Modify /etc/keystone to have permission 750 Signed-off-by: Amy Fong <amy.fong@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>

Diffstat (limited to 'meta-openstack/recipes-devtools/python/python-swift_git.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: