[
https://issues.apache.org/jira/browse/BROOKLYN-46?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Aled Sage resolved BROOKLYN-46.
-------------------------------
Resolution: Fixed
Fix Version/s: 0.7.0-M2
> Files created by persistence mechanism should not be readable by other users
> ----------------------------------------------------------------------------
>
> Key: BROOKLYN-46
> URL: https://issues.apache.org/jira/browse/BROOKLYN-46
> Project: Brooklyn
> Issue Type: Bug
> Reporter: Sam Corbett
> Assignee: Aled Sage
> Fix For: 0.7.0-M2
>
>
> Originally reported at:
> https://github.com/brooklyncentral/brooklyn/issues/1240
> Files containing persisted state have permissions 644. Files containing
> persisted locations contain private key data. Other users should not be able
> to read this data. We should follow ssh's practice and restrict access to the
> user that owns the private key.
> {code}
> $ su otheruser
> $ ls -l /Users/sam/.brooklyn/brooklyn-persisted-state/data/locations
> total 112
> -rw-r--r-- 1 sam staff 2319 10 Mar 10:38 BhIXCfBt
> -rw-r--r-- 1 sam staff 2317 10 Mar 10:38 FktCwLnX
> ...
> $ cat /Users/sam/.brooklyn/brooklyn-persisted-state/data/locations/BhIXCfBt
> <location>
> <brooklynVersion>0.7.0-SNAPSHOT</brooklynVersion>
> <type>brooklyn.location.basic.SshMachineLocation</type>
> <id>BhIXCfBt</id>
> <displayName>SshMachineLocation:BhIX</displayName>
> <children/>
> <locationConfig>
> <longitude type="double">-77.48750305175781</longitude>
> <port type="int">22</port>
> <latitude type="double">39.043701171875</latitude>
> <user>sam</user>
> <privateKeyData>-----BEGIN RSA PRIVATE KEY-----
> ... :-(
> {code}
--
This message was sent by Atlassian JIRA
(v6.2#6252)
