Bug #36586: ceph-volume /etc/ceph/osd files contains keyring and is worldwide readable. - ceph-volume - Ceph

Bug #36586

ceph-volume /etc/ceph/osd files contains keyring and is worldwide readable.

Added by Mehdi Abaakouk over 4 years ago. Updated over 4 years ago.

Status:

New

Priority:

High

Assignee:

Mehdi Abaakouk

Target version:

% Done:

Source:

Tags:

Backport:

Regression:

Severity:

3 - minor

Reviewed:

Affected Versions:

ceph-qa-suite:

Pull request ID:

Crash signature (v1):

Crash signature (v2):

Description

ceph-volume simple scan creates files in /etc/ceph/osd worldwide readable.

These files contains keyring of the osd.

Permissions of keyring stuff must be owned and readable by root only.

History

#1 Updated by Mehdi Abaakouk over 4 years ago

or something like ceph:ceph 400

#2 Updated by Mehdi Abaakouk over 4 years ago

Project changed from Ceph to ceph-volume

#3 Updated by Mehdi Abaakouk over 4 years ago

Assignee set to Mehdi Abaakouk

#4 Updated by Mehdi Abaakouk over 4 years ago

Priority changed from Normal to High

Also available in: Atom PDF

Project

General

Profile

Ceph » ceph-volume

Issues

Tags

Custom queries