Thanks Sebastien, and Chiradeep, I've already push a commit to remove the code. If someone explain the reason why we need it, I'll revert my code or make additional patch.
2014-06-02 11:02 GMT-06:00 Chiradeep Vittal <[email protected]>: > No idea, but +1 on removing it. > > From: Sebastien Goasguen <[email protected]<mailto:[email protected]>> > Date: Monday, June 2, 2014 at 12:16 AM > To: "[email protected]<mailto:[email protected]>" > <[email protected]<mailto:[email protected]>>, Alex Huang > <[email protected]<mailto:[email protected]>>, Chiradeep Vittal > <[email protected]<mailto:[email protected]>> > Subject: Re: Why does cloudstack-setup-management make /root writable? > > > On May 31, 2014, at 11:14 AM, Milamber > <[email protected]<mailto:[email protected]>> wrote: > > A related ticket has been open in Jira > https://issues.apache.org/jira/browse/CLOUDSTACK-6673 > > Let me copy Alex and Chiradeep, they might have some background about this. > > Le 31/05/2014 08:27, ilya musayev a ecrit : > I really dont know why. I guess we can figure out who made the commit and ask > for rationale on this, but i'm not aware of any reason why /root must be 777. > Big security hole in my opinion. > I'd say to give it a try in your env first, if your tests pass, commit. > On 5/31/14, 12:06 AM, Yoshikazu Nojima wrote: > Hi, > Does anyone know the reason why cloudstack-setup-management make /root > directory mode 777 in ubuntu? > https://github.com/apache/cloudstack/blob/master/python/lib/cloudutils/serviceConfig.py#L767 > If no one have objection, I will remove this code. > Regards, > Noji > >
