Ubuntu
nova package

console.ring files should not be world readable

Bug #929780 reported by James Troup on 2012-02-09

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	nova (Ubuntu)	Fix Released	High	Unassigned

Bug Description

-rw-r--r-- 1 nova nova 65545 2011-10-27 01:41 /srv/nova/instances/instance-0000045b/console.ring

I don't believe that an unprivileged user on a compute node should be
able to read the console output for any instances running on that
node.

Tags:

Dave Walker (davewalker) on 2012-02-09

Changed in nova (Ubuntu):
importance:	Undecided → High

Revision history for this message

Robie Basak (racb) wrote on 2012-02-09:

I'd expect the protection to be on /srv/nova/instances/instance-0000045b in that example, or even further up. An unprivileged user on a compute node shouldn't even be able to get into that directory.

Antonio Rosales (arosales) on 2012-02-29

tags:

added: rls-p-tracking

James Troup (elmo) on 2012-03-05

tags:

added: canonistack

Revision history for this message

Chuck Short (zulcss) wrote on 2012-03-06:

This should be fixed in the last upload.

Changed in nova (Ubuntu):
status:	New → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntunova package

console.ring files should not be world readable

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
nova package