oss-sec mailing list archives
CVE Request for ceph-deploy copying keyring to /etc/ceph which is world readable
From: Siddharth Sharma <sisharma () redhat com>
Date: Fri, 22 May 2015 00:36:36 +0530
Hi,

"ceph-deploy admin" command pushes the client.admin key with world readable permissions as in /etc/ceph/ceph.client.admin.keyring. It is a similar issue to CVE-2015-3010, but this seems worse as it is copying to /etc/ceph, which is readable by any user.

~]# ls -Z /etc/ | grep ceph
drwxr-xr-x. root root system_u:object_r:etc_t:s0 ceph

For further information: http://tracker.ceph.com/issues/11694

--
Siddharth Sharma / Red Hat Product Security / Key ID : 0xD9F6489A
Fingerprint : 0x6F04C684 A49C E4CE 8148 E841 CD6F 8E55 D9F6 489A
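Added example, not part of the original message and not ceph-deploy code: a shell audit for the condition reported above. It lists keyrings that group or other users can read and notes whether any local user can enter the containing directory. The function names, the *.keyring naming pattern and the 0600 target mode are assumptions.

```shell
#!/bin/sh
# Added example, not ceph-deploy code. Assumptions: keyrings are files
# named *.keyring directly inside the config directory, and owner-only
# access (mode 0600) is the intended state.
# Usage: audit_keyrings /etc/ceph [--fix]

# List keyrings in $1 that group members or other users can read.
find_exposed_keyrings() {
    find "${1:-/etc/ceph}" -maxdepth 1 -type f -name '*.keyring' \
        \( -perm -040 -o -perm -004 \) -print | sort
}

# True when any user may enter the directory (o+x), as with the
# drwxr-xr-x /etc/ceph shown in the message. Search permission on the
# directory is what lets a user open a file inside it by name.
dir_is_world_accessible() {
    [ -n "$(find "${1:-/etc/ceph}" -maxdepth 0 -perm -001 -print)" ]
}

# Report exposed keyrings in $1; with "--fix" as $2 also chmod them 0600.
# Returns 1 if anything was exposed when the audit started, else 0.
audit_keyrings() {
    dir=${1:-/etc/ceph}
    exposed=$(find_exposed_keyrings "$dir")
    if [ -z "$exposed" ]; then
        return 0
    fi
    if dir_is_world_accessible "$dir"; then
        reach="reachable by any local user"
    else
        reach="directory itself is restricted"
    fi
    printf '%s\n' "$exposed" | while IFS= read -r f; do
        printf 'EXPOSED %s (%s)\n' "$f" "$reach"
        if [ "${2:-}" = "--fix" ]; then
            chmod 600 "$f"
        fi
    done
    return 1
}
```

A key that was readable should be treated as disclosed: tightening the mode stops further reads but does not undo earlier ones.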