Description of problem: The directory /var/log/openvswitch is world readable and contains log files that are readable, which can result in the exposure of sensitive information. The 'other readable/execute' bits need to be removed from the /var/log/openvswitch directory. Because no sensitive data was found in the files, this is being raised as a hardening bug, and not a flaw. Version-Release number of selected component (if applicable): openvswitch-2.5.0-14.git20160727.el7fdb Steps to reproduce: $ ls -la /var/log/openvswitch total 40 drwxr-xr-x. 2 root root 52 Mar 6 21:43 . drwxr-xr-x. 27 root root 4096 Mar 12 21:52 .. -rw-r--r--. 1 root root 1667 Mar 12 21:52 ovsdb-server.log -rw-r--r--. 1 root root 26482 Mar 12 21:54 ovs-vswitchd.log
https://bugzilla.redhat.com/show_bug.cgi?id=1431497#c3
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2017:2692