It was found that redis set weak permissions on certain files that could potentially contain sensitive information:

-rw-r--r--. 1 redis root 41599 Feb 8 2016 /etc/redis.conf
-rw-r--r--. 1 redis root 7355 Feb 8 2016 /etc/redis-sentinel.conf
drwxr-xr-x. 2 redis redis 4096 Sep 9 14:29 /var/lib/redis

This issue was originally reported in bug 1374700.
What's the recommended update? 640/750? Typically, things in /etc are world-readable?
(In reply to Lon Hohberger from comment #3)
> What's the recommended update? 640/750? Typically, things in /etc are
> world-readable?

I think 640 on the two files that contain passwords (redis.conf, redis-sentinel.conf), as is already done in the newer builds, should be fine.
Acknowledgements: Name: Honza Horak (Red Hat), Remi Collet (Red Hat)
This issue has been addressed in the following products:

Red Hat OpenStack Platform 10.0 (Newton)

Via RHSA-2017:3226 https://access.redhat.com/errata/RHSA-2017:3226
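A way to check a host or an unpacked image for the modes discussed in the comments above, as an added example that is not part of the bug report or of the redis package. It assumes GNU stat; the function names and the optional ROOT prefix are hypothetical, and 750 for /var/lib/redis is taken from the question in the thread, not from a confirmed fix.

```shell
#!/bin/sh
# Added example: flag Redis paths that are more permissive than a ceiling.
# Ceilings: 640 for the two config files (per the thread), 750 for the data
# directory (assumption taken from the "640/750" question).

# check_mode PATH MAX_MODE
# Returns 0 if PATH sets no permission bit outside MAX_MODE, 1 if it does,
# 2 if PATH cannot be examined (missing or unreadable parent).
check_mode() {
    cm_actual=$(stat -c '%a' -- "$1" 2>/dev/null) || return 2
    # Bits present on the path that the ceiling does not allow (octal math).
    cm_extra=$(( 0$cm_actual & ~0$2 & 07777 ))
    [ "$cm_extra" -eq 0 ]
}

# audit_redis [ROOT]
# ROOT is an optional path prefix (hypothetical parameter) for a chroot or an
# unpacked image. Prints one line per path; returns the number of findings.
audit_redis() {
    ar_root=${1:-}
    ar_bad=0
    for ar_entry in /etc/redis.conf:640 /etc/redis-sentinel.conf:640 \
                    /var/lib/redis:750
    do
        ar_path=$ar_root${ar_entry%:*}
        ar_max=${ar_entry##*:}
        ar_rc=0
        check_mode "$ar_path" "$ar_max" || ar_rc=$?
        case $ar_rc in
            0) echo "OK        $ar_path (within $ar_max)" ;;
            1) echo "TOO-OPEN  $ar_path is $(stat -c '%a %U:%G' -- "$ar_path"), ceiling $ar_max"
               ar_bad=$((ar_bad + 1)) ;;
            *) echo "SKIP      $ar_path (not present)" ;;
        esac
    done
    return "$ar_bad"
}

# Invoke as: sh audit.sh --run [ROOT]
if [ "${1:-}" = "--run" ]; then
    audit_redis "${2:-}"
fi
```

A mode stricter than the ceiling (for example 600 on redis.conf) passes, since only bits outside the ceiling are reported.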