The "ceph-deploy admin" command pushes the client.admin key with world-readable permissions, as in /etc/ceph/ceph.client.admin.keyring. It is a similar issue to CVE-2015-3010, but this seems worse as it is copying to /etc/ceph, which is readable by any user.

    ~]# ls -Z /etc/ | grep ceph
    drwxr-xr-x. root root system_u:object_r:etc_t:s0 ceph

For further information: http://tracker.ceph.com/issues/11694
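
A check for the exposure described in this report, added here as an example; it is not part of the bug report or of ceph-deploy. It lists keyring files that group or other can read, says whether the directory mode lets any local user reach them, and tightens them to owner-only. The function names and the 0600 target mode are assumptions, not taken from the report.

```sh
#!/bin/sh
# Added example (not ceph-deploy code). Function names are hypothetical.

# Print every *.keyring file under DIR whose mode grants read to group or other.
list_exposed_keyrings() {
    find "$1" -type f -name '*.keyring' \( -perm -040 -o -perm -004 \) -print
}

# Succeed when DIR has o+x, as /etc/ceph (drwxr-xr-x) does in the report:
# the keyring's own mode is then the only barrier for local users.
dir_is_traversable() {
    [ -n "$(find "$1" -prune -type d -perm -001 -print)" ]
}

# Report exposed keyrings; return 0 when clean, 1 when any are found.
audit_keyrings() {
    exposed=$(list_exposed_keyrings "$1")
    [ -z "$exposed" ] && return 0
    if dir_is_traversable "$1"; then
        reach="any local user"
    else
        reach="users permitted to enter $1"
    fi
    printf '%s\n' "$exposed" | while IFS= read -r f; do
        printf 'EXPOSED %s (readable by %s)\n' "$f" "$reach"
    done
    return 1
}

# Assumption: owner-only (0600) is the intended mode for a keyring.
harden_keyrings() {
    find "$1" -type f -name '*.keyring' \( -perm -040 -o -perm -004 \) \
        -exec chmod 600 {} +
}

# Usage: sh audit.sh /etc/ceph    (audits only; call harden_keyrings to fix)
if [ $# -gt 0 ]; then
    audit_keyrings "$1"
fi
```
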
This issue has been addressed in the following products:

  Red Hat Ceph Storage 1.2 for RHEL 7
  Red Hat Ceph Storage 1.2 for RHEL 6

Via RHSA-2015:1092 https://access.redhat.com/errata/RHSA-2015:1092

This issue has been addressed in the following products:

  Red Hat Ceph Storage 1.2 for Ubuntu 12.04
  Red Hat Ceph Storage 1.2 for Ubuntu 14.04

Via RHSA-2015:1579 https://access.redhat.com/errata/RHSA-2015:1579

This issue has been addressed in the following products:

  Red Hat Ceph Storage 1.2 for CentOS 6

Via RHSA-2015:1631 https://access.redhat.com/errata/RHSA-2015:1631

This issue has been addressed in the following products:

  Red Hat Ceph Storage for Ubuntu 12.04
  Red Hat Ceph Storage for Ubuntu 14.04

Via RHSA-2015:1579 https://access.redhat.com/errata/RHSA-2015:1579