Default perms are 0666. This is very bad. At the least, they should be 0664, better would be 0644, best would be 0600 (since the logs currently may contain sensitive information).

[root@qeblade33 log]# ls -l imagefactory.log
-rw-rw-rw-. 1 root root 30755 Feb 22 14:48 imagefactory.log
Two questions:
1. What sensitive information does the image factory log contain?
2. What sets the perms on the log, factory or configure?
We've made several changes to avoid having passwords in the log. Beyond that, I don't know what would be in it that is worth protecting.
https://github.com/aeolusproject/imagefactory/pull/92
Commit pulled into release branch as:
https://github.com/aeolusproject/imagefactory/commit/0115e304e28ac1a9cb0e8d1c59c250c13227e081

Brewed as 1.0.0rc7
[root@dell-per805-01 log]# ls -l imagefactory.log
-rw-------. 1 root root 23865 Feb 27 04:41 imagefactory.log

Verified in

rpm -qa|grep aeolus
aeolus-conductor-0.8.0-36.el6.noarch
rubygem-aeolus-cli-0.3.0-10.el6.noarch
aeolus-conductor-daemons-0.8.0-36.el6.noarch
aeolus-configure-2.5.0-15.el6.noarch
rubygem-aeolus-image-0.3.0-10.el6.noarch
aeolus-all-0.8.0-36.el6.noarch
aeolus-conductor-doc-0.8.0-36.el6.noarch
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHEA-2012-0588.html
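
Added example, not imagefactory's code and not the change in the linked commit: one way a Python daemon can guarantee a 0600 log file regardless of the process umask, and tighten a log that already exists with 0666. It assumes the daemon uses the standard `logging` module on a POSIX system; `PrivateFileHandler`, `LOG_MODE`, `file_mode` and `demo` are hypothetical names.

```python
import logging
import os
import stat
import tempfile

LOG_MODE = 0o600  # owner read/write only, the mode the report asks for


class PrivateFileHandler(logging.FileHandler):
    """FileHandler whose log file is always owner-only (hypothetical name)."""

    def _open(self):
        # O_NOFOLLOW: refuse to write through a symlink sitting at the log path.
        flags = os.O_WRONLY | os.O_APPEND | os.O_CREAT | os.O_NOFOLLOW
        fd = os.open(self.baseFilename, flags, LOG_MODE)
        try:
            # The mode passed to os.open() applies only when the file is
            # created; fchmod also tightens a log left behind with 0666.
            os.fchmod(fd, LOG_MODE)
        except OSError:
            os.close(fd)
            raise
        return os.fdopen(fd, "a", encoding=self.encoding)


def file_mode(path):
    """Permission bits of path, e.g. 0o600."""
    return stat.S_IMODE(os.stat(path).st_mode)


def demo():
    """Return (mode of a pre-existing 0666 log, mode of a newly created log)."""
    workdir = tempfile.mkdtemp()
    old_umask = os.umask(0)  # worst case: the umask masks nothing
    try:
        existing = os.path.join(workdir, "existing.log")
        open(existing, "w").close()
        os.chmod(existing, 0o666)  # constructed stand-in for the reported state
        fresh = os.path.join(workdir, "fresh.log")
        modes = []
        for path in (existing, fresh):
            handler = PrivateFileHandler(path)
            logger = logging.getLogger("demo." + os.path.basename(path))
            logger.addHandler(handler)
            logger.warning("constructed sample entry")
            logger.removeHandler(handler)
            handler.close()
            modes.append(file_mode(path))
        return tuple(modes)
    finally:
        os.umask(old_umask)
```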