In a default Openstack Director installation, openstack-octavia creates log files that are readable by all users. Sensitive information such as private keys can appear in these log files allowing for information exposure.
Created openstack-octavia tracking bugs for this issue: Affects: openstack-rdo [bug 1649166]
This issue has been addressed in the following products: Red Hat OpenStack Platform 13.0 (Queens) Via RHSA-2019:0567 https://access.redhat.com/errata/RHSA-2019:0567
This issue has been addressed in the following products: Red Hat OpenStack Platform 14.0 (Rocky) Via RHSA-2019:0593 https://access.redhat.com/errata/RHSA-2019:0593
Acknowledgments: Name: Garth Mollett (Red Hat)