Bug 1266161 - initial-setup: File /root/initial-setup-ks.cfg is world-readable by default
initial-setup: File /root/initial-setup-ks.cfg is world-readable by default
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On: 1264336
Blocks: 1266162
  Show dependency treegraph
Reported: 2015-09-24 12:05 EDT by Adam Mariš
Modified: 2015-09-26 08:42 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2015-09-26 08:42:53 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Adam Mariš 2015-09-24 12:05:28 EDT
It was reported that file /root/initial-setup-ks.cfg is world-readable:

-rw-------.  1 root root  1725 Sep  1 13:59 anaconda-ks.cfg
-rw-r--r--.  1 root root  1773 Sep  1 14:04 initial-setup-ks.cfg

Product bug:

Comment 1 Tomas Hoger 2015-09-26 08:42:53 EDT
While the initial-setup-ks.cfg file is world readable, it is stored in the /root directory which is not world accessible (the default permissions in Red Hat Enterprise Linux 7 a 550 root:root).

This issue is planned to be addressed in future updates as security hardening, but is not planned to be handled as security flaw.

Note You need to log in before you can comment on or make changes to this bug.