[jira] [Commented] (KARAF-6405) Make sure Config files are jailed to the container etc directory

Jira Mon, 23 Sep 2019 03:46:42 -0700


    [ 
https://issues.apache.org/jira/browse/KARAF-6405?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16935736#comment-16935736
 ]


Jean-Baptiste Onofré commented on KARAF-6405:
---------------------------------------------

And again, when you say 'a feature config file can overwrite any file on the 
system', it's permission matter. If the admin runs Karaf as root, obviously, it 
opens the door. But Karaf can't be the "key holder" of any "bad" practice of 
the admin ;)

> Make sure Config files are jailed to the container etc directory
> ----------------------------------------------------------------
>
>                 Key: KARAF-6405
>                 URL: https://issues.apache.org/jira/browse/KARAF-6405
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf
>            Reporter: Colm O hEigeartaigh
>            Assignee: Jean-Baptiste Onofré
>            Priority: Major
>
> Make sure that Config file names are jailed to the container.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (KARAF-6405) Make sure Config files are jailed to the container etc directory

Reply via email to