Bug 1001482 - Backup files of /etc/httpd/conf.d/ssl.conf are created world-writable
Backup files of /etc/httpd/conf.d/ssl.conf are created world-writable
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine-setup (Show other bugs)
3.2.0
Unspecified Unspecified
medium Severity medium
: ---
: 3.3.0
Assigned To: Yedidyah Bar David
Ilanit Stein
integration
: Reopened, Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-08-27 03:03 EDT by Yedidyah Bar David
Modified: 2015-09-22 09 EDT (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-09-25 03:31:52 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Yedidyah Bar David 2013-08-27 03:03:37 EDT
Description of problem:

Backup files of /etc/httpd/conf.d/ssl.conf are created world-writable.

Version-Release number of selected component (if applicable):

3.2

How reproducible:

When an ssl.conf file exists prior to running setup

Steps to Reproduce:
1. Verify that ssl.conf exists (this is the default)
2. Run engine-setup, choose to automatically update apache/httpd conf

Actual results:

There is a world-writable backup file named /etc/httpd/conf.d/ssl.conf.BACKUP.$timestamp

Expected results:

The file should be writable by root only.

Additional info:

This seems to be caused by the function copyFile in common_utils.py to have the default for filemod '-1'.
Comment 5 Yedidyah Bar David 2013-09-25 03:31:52 EDT
Closing, as it does not affect RHEV/RHEL. BZ #1011616 is for upstream ovirt 3.2.

Note You need to log in before you can comment on or make changes to this bug.