Tanvi Penumudy created HDDS-8495:
------------------------------------
Summary: Fix permissions and path handling for ozone sh token get
command
Key: HDDS-8495
URL: https://issues.apache.org/jira/browse/HDDS-8495
Project: Apache Ozone
Issue Type: Bug
Components: Security
Reporter: Tanvi Penumudy
Assignee: Tanvi Penumudy
The CLI command: {{ozone sh token get}} does a few things wrong:
# Writes to {{/tmp/ozone.token}} and the permissions allow another user to
read it.
# A second user cannot run the command as the {{/tmp}} folder does not allow
another user to delete the file.
We will require a fix that would:
# Require the user to enter the path to which the token will be written.
# Set the permission for the file to be readable by only the user who owns the
file.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
