Bug 1265917 - ipa server log files are world-readable
ipa server log files are world-readable
Status: ASSIGNED
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ipa (Show other bugs)
7.2
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: IPA Maintainers
Namita Soman
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-24 03:27 EDT by Sudhir Menon
Modified: 2017-04-06 12:24 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Sudhir Menon 2015-09-24 03:27:04 EDT
Description of problem: ipa server log files are world-readable
 

Version-Release number of selected component (if applicable):


How reproducible:Always


Steps to Reproduce:
1. Login to IPA server.
2. check the permissions of the log file.


Actual results: The log files are world-readable.

/var/log/ipa
[root@ipa01 ipa]# ls -l
total 12
-rw-r--r--. 1 root root 5355 Sep 24 12:06 default.log
-rw-r--r--. 1 root root 3898 Sep 24 12:08 server.log

Expected results: Log files shouldn't be world-readable unless required.

Additional info:
Comment 5 Tomas Babej 2015-09-24 09:36:48 EDT
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5324
Comment 6 Petr Vobornik 2017-04-06 12:24:53 EDT
IdM team doesn't have capacity to fix this bug for RHEL 7.4. Moving to next RHEL version. Fixing the bug there will depend on capacity of FreeIPA upstream. Without sufficient  justification there is a chance that it will be moved again later.

Note You need to log in before you can comment on or make changes to this bug.