Description of problem:
The directory /var/log/openvswitch is world readable and contains log files that are readable, which can result in the exposure of sensitive information. The 'other readable/execute' bits need to be removed from the /var/log/openvswitch directory.
Because no sensitive data was found in the files, this is being raised as a hardening bug, and not a flaw.
Version-Release number of selected component (if applicable):
openvswitch-2.5.0-14.git20160727.el7fdp
Steps to reproduce:
$ ls -la /var/log/openvswitch
total 44
drwxr-xr-x. 2 root root 52 Mar 7 20:12 .
drwxr-xr-x. 29 root root 4096 Mar 12 21:40 ..
-rw-r--r--. 1 root root 2107 Mar 12 21:40 ovsdb-server.log
-rw-r--r--. 1 root root 31302 Mar 12 21:42 ovs-vswitchd.log
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHSA-2017:2553