Michael Scherer of Red Hat reported multiple issues in OpenStack Trove where temporary files are used in an insecure way in different modules:

trove: MongoDB datastore module in guestagent, insecure /tmp file usage in _write_config()
https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/mongodb/service.py#L176

trove: PostgreSQL datastore module in guestagent, insecure /tmp file usage in reset_configuration()
https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/postgresql/service/config.py#L70

trove: Redis datastore module in guestagent, insecure /tmp file usage in write_config()
https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/redis/service.py#L236

trove: MySQL datastore module in guestagent, insecure /tmp file usage in _write_mycnf()
https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/mysql/service.py#L790

trove: MySQL restore strategy in guestagent, insecure /tmp file usage in InnoBackupEx::_run_prepare()
https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/restore/mysql_impl.py#L194

trove: MySQL backup strategy in guestagent, insecure /tmp file usage in InnoBackupEx::cmd()
https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/mysql_impl.py#L55

trove: MySQL backup strategy in guestagent, insecure /tmp file usage in MySQLDump::cmd()
https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/mysql_impl.py#L36

trove: MySQL backup strategy in guestagent, insecure /tmp file usage in InnoBackupExIncremental::cmd()
https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/mysql_impl.py#L110

trove: Cassandra datastore module, insecure /tmp file usage in _get_actual_db_status()
https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/cassandra/system.py#L33
https://github.com/openstack/trove/blob/master/trove/guestagent/datastore/experimental/cassandra/service.py#L230

trove: Couchbase backup strategy, insecure /tmp file usage in multiple CbBackup class methods
https://github.com/openstack/trove/blob/master/trove/guestagent/strategies/backup/experimental/couchbase_impl.py#L30
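As an added illustration, not Trove's code and not part of this report: the guessable-name pattern behind the entries above beside the mkstemp-based form that avoids it, plus the check a reviewer can run on a staging file. The function names, the sandbox directory and the mysql.cnf.tmp file name are constructed for this example.

```python
import os
import stat
import tempfile


def write_config_predictable(content, tmp_dir="/tmp"):
    """Insecure pattern: a fixed, guessable name in a world-writable directory.
    open(..., "w") reuses whatever already exists at that name (including a
    symlink planted by another local user) and honours the process umask."""
    path = os.path.join(tmp_dir, "mysql.cnf.tmp")  # constructed fixed name
    with open(path, "w") as fh:
        fh.write(content)
    return path


def write_config_secure(content, tmp_dir=None):
    """Hardened pattern: mkstemp() opens a fresh file with O_CREAT|O_EXCL and
    mode 0600, and the data is written through that fd, never by path."""
    fd, path = tempfile.mkstemp(prefix="mysql.cnf.", suffix=".tmp", dir=tmp_dir)
    try:
        with os.fdopen(fd, "w") as fh:
            fh.write(content)
    except Exception:
        os.unlink(path)
        raise
    return path


def is_safe_temp_file(path):
    """Reviewer's check: a regular file (lstat, so a symlink is not followed),
    owned by the current user, with no group/other permission bits."""
    st = os.lstat(path)
    if not stat.S_ISREG(st.st_mode) or st.st_uid != os.getuid():
        return False
    return (st.st_mode & 0o077) == 0


def demo():
    """Run both writers in a private sandbox directory and report the checks."""
    sandbox = tempfile.mkdtemp(prefix="trove-tmp-demo.")  # constructed sandbox
    secure_a = write_config_secure("[mysqld]\nmax_connections=100\n", sandbox)
    secure_b = write_config_secure("[mysqld]\nmax_connections=200\n", sandbox)
    guessable = write_config_predictable("[mysqld]\n", sandbox)
    link = os.path.join(sandbox, "planted.link")
    os.symlink(secure_a, link)  # a symlink at a staging name must be rejected
    return {
        "secure_unique": secure_a != secure_b,
        "secure_safe": is_safe_temp_file(secure_a) and is_safe_temp_file(secure_b),
        "guessable_path": guessable == os.path.join(sandbox, "mysql.cnf.tmp"),
        "symlink_rejected": not is_safe_temp_file(link),
    }
```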
Upstream does not consider this a security issue. From https://bugs.launchpad.net/trove/+bug/1398195 :

Due to the need for access to the instance filesystem and the limited exposure (basically anyone with shell access to a Trove instance is going to be the administrator of the infrastructure on which it's running), along with the fact that it's only slated to be fixed in the master branch for inclusion in the upcoming Kilo release, the VMT will not be publishing a security advisory nor requesting a CVE for this bug.
Created openstack-trove tracking bugs for this issue:
Affects: fedora-all [bug 1247447]
Affects: openstack-rdo [bug 1247448]