[jira] [Updated] (AMBARI-19902) Ambari scripts have 777 permission which is a major security concern (change came from 2.4.x)

Vitaly Brodetskyi (JIRA) Tue, 07 Feb 2017 12:39:18 -0800

     [ 
https://issues.apache.org/jira/browse/AMBARI-19902?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Vitaly Brodetskyi updated AMBARI-19902:
---------------------------------------
    Attachment: AMBARI-19902.patch

> Ambari scripts have 777 permission which is a major security concern (change 
> came from 2.4.x)
> ---------------------------------------------------------------------------------------------
>
>                 Key: AMBARI-19902
>                 URL: https://issues.apache.org/jira/browse/AMBARI-19902
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-agent, ambari-server
>    Affects Versions: 2.4.0
>            Reporter: Vitaly Brodetskyi
>            Assignee: Vitaly Brodetskyi
>            Priority: Critical
>             Fix For: 2.5.0
>
>         Attachments: AMBARI-19902.patch
>
>
> If we look at the below output these files have 777 perms : 
> {code}
> [root@h1 ~]# ll /usr/lib/python2.6/site-packages/ambari_agent/HostCleanup.py 
> -rwxrwxrwx. 1 root root 22471 Nov 23 07:40 
> /usr/lib/python2.6/site-packages/ambari_agent/HostCleanup.py 
> [root@h1 ~]# ll /var/lib/ambari-server/resources/scripts/configs.sh 
> -rwxrwxrwx. 1 root root 9801 Nov 23 07:27 
> /var/lib/ambari-server/resources/scripts/configs.sh 
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (AMBARI-19902) Ambari scripts have 777 permission which is a major security concern (change came from 2.4.x)

Reply via email to