1001482 – Backup files of /etc/httpd/conf.d/ssl.conf are created world-writable

Bug 1001482 - Backup files of /etc/httpd/conf.d/ssl.conf are created world-writable

Summary: Backup files of /etc/httpd/conf.d/ssl.conf are created world-writable

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	ovirt-engine-setup
Sub Component:
Version:	3.2.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	3.3.0
Assignee:	Yedidyah Bar David
QA Contact:	Ilanit Stein
Docs Contact:
URL:
Whiteboard:	integration
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-08-27 07:03 UTC by Yedidyah Bar David
Modified:	2015-09-22 13:09 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2013-09-25 07:31:52 UTC
oVirt Team:	---
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Yedidyah Bar David 2013-08-27 07:03:37 UTC

Description of problem:

Backup files of /etc/httpd/conf.d/ssl.conf are created world-writable.

Version-Release number of selected component (if applicable):

3.2

How reproducible:

When an ssl.conf file exists prior to running setup

Steps to Reproduce:
1. Verify that ssl.conf exists (this is the default)
2. Run engine-setup, choose to automatically update apache/httpd conf

Actual results:

There is a world-writable backup file named /etc/httpd/conf.d/ssl.conf.BACKUP.$timestamp

Expected results:

The file should be writable by root only.

Additional info:

This seems to be caused by the function copyFile in common_utils.py to have the default for filemod '-1'.

Comment 5 Yedidyah Bar David 2013-09-25 07:31:52 UTC

Closing, as it does not affect RHEV/RHEL. BZ #1011616 is for upstream ovirt 3.2.

Note You need to log in before you can comment on or make changes to this bug.