diff options
| author | Amy Fong <amy.fong@windriver.com> | 2014-05-07 14:16:11 -0400 |
|---|---|---|
| committer | Bruce Ashfield <bruce.ashfield@windriver.com> | 2014-05-08 14:30:03 -0400 |
| commit | f1875da73f07825ad468648c6d154478a8673089 (patch) | |
| tree | 175ebd1afacad0e684fca495dcfed9e9eff5a917 /meta-openstack/recipes-devtools/python | |
| parent | 1f9d9fea7999feadf14d290fe9545c32fec974aa (diff) | |
| download | meta-cloud-services-f1875da73f07825ad468648c6d154478a8673089.tar.gz | |
keystone: CVE-2012-5483
tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon
Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable
permissions for /etc/keystone/ec2rc, which allows local users to obtain
access to EC2 services by reading administrative access and secret values
from this file.
Modify /etc/keystone to have permission 750
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Diffstat (limited to 'meta-openstack/recipes-devtools/python')
| -rw-r--r-- | meta-openstack/recipes-devtools/python/python-keystone_git.bb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/meta-openstack/recipes-devtools/python/python-keystone_git.bb b/meta-openstack/recipes-devtools/python/python-keystone_git.bb index da6cfb4..c0522f8 100644 --- a/meta-openstack/recipes-devtools/python/python-keystone_git.bb +++ b/meta-openstack/recipes-devtools/python/python-keystone_git.bb | |||
| @@ -28,7 +28,7 @@ do_install_append() { | |||
| 28 | 28 | ||
| 29 | KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone | 29 | KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone |
| 30 | 30 | ||
| 31 | install -d ${KEYSTONE_CONF_DIR} | 31 | install -m 750 -d ${KEYSTONE_CONF_DIR} |
| 32 | 32 | ||
| 33 | install -d ${D}${localstatedir}/log/${SRCNAME} | 33 | install -d ${D}${localstatedir}/log/${SRCNAME} |
| 34 | 34 | ||