The GitHub Actions job "Tests (AMD)" on airflow.git/backport-da03584-v3-2-test has succeeded. Run started by GitHub user vatsrahul1001 (triggered by vatsrahul1001).
Head commit for run: 0036dc65ebe679d4cc7cad754f2b1cf25b6620a0 / Jarek Potiuk <[email protected]> [v3-2-test] Warn against world-accessible Kerberos ccache default in docs (#66557) The Kerberos integration docs ship a default ccache path of `/tmp/airflow_krb5_ccache`, which sits in a world-readable directory on most Unix systems and would let any other local user on the host read or modify the Airflow service principal's credential cache. Add a warning recommending a non-world-accessible directory (a per-service runtime dir like `/run/airflow/krb5_ccache` or a private user-scoped location) and `chmod 0700` on the parent — mirroring the guidance the docs already give for the keytab. Reported by the L3 ASVS sweep at apache/tooling-agents#23 (FINDING-175). (cherry picked from commit da03584282c2e708c655c55fc07ccf9490a38a62) Co-authored-by: Jarek Potiuk <[email protected]> Report URL: https://github.com/apache/airflow/actions/runs/26013779020 With regards, GitHub Actions via GitBox --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
