I don't think there's any real reason it was there. Probably it was easiest at that time to do. +1 and thanks on removing it.
--Alex > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Yoshikazu Nojima > Sent: Monday, June 2, 2014 10:14 AM > To: [email protected] > Cc: Sebastien Goasguen; Alex Huang; Frank Zhang > Subject: Re: Why does cloudstack-setup-management make /root writable? > > Thanks Sebastien, and Chiradeep, > > I've already push a commit to remove the code. > If someone explain the reason why we need it, I'll revert my code or make > additional patch. > > 2014-06-02 11:02 GMT-06:00 Chiradeep Vittal <[email protected]>: > > No idea, but +1 on removing it. > > > > From: Sebastien Goasguen > <[email protected]<mailto:[email protected]>> > > Date: Monday, June 2, 2014 at 12:16 AM > > To: "[email protected]<mailto:[email protected]>" > > <[email protected]<mailto:[email protected]>>, Alex > > Huang <[email protected]<mailto:[email protected]>>, > Chiradeep > > Vittal > > <[email protected]<mailto:[email protected]>> > > Subject: Re: Why does cloudstack-setup-management make /root writable? > > > > > > On May 31, 2014, at 11:14 AM, Milamber > <[email protected]<mailto:[email protected]>> wrote: > > > > A related ticket has been open in Jira > > https://issues.apache.org/jira/browse/CLOUDSTACK-6673 > > > > Let me copy Alex and Chiradeep, they might have some background about > this. > > > > Le 31/05/2014 08:27, ilya musayev a ecrit : > > I really dont know why. I guess we can figure out who made the commit > and ask for rationale on this, but i'm not aware of any reason why /root must > be 777. Big security hole in my opinion. > > I'd say to give it a try in your env first, if your tests pass, commit. > > On 5/31/14, 12:06 AM, Yoshikazu Nojima wrote: > > Hi, > > Does anyone know the reason why cloudstack-setup-management make > /root > > directory mode 777 in ubuntu? > > https://github.com/apache/cloudstack/blob/master/python/lib/cloudutils > > /serviceConfig.py#L767 If no one have objection, I will remove this > > code. > > Regards, > > Noji > > > >
