Issue #15471 has been updated by Alexander Swen.
it is even worse: this won't solve it:
<pre>file { '/var/lib/puppet/state/last_run_summary.yaml':
mode => '0644',
ensure => 'present';
}</pre>
because the file is written after the run.
I use this file for my [check_puppet_agent nagios
plugin](https://github.com/aswen/nagios-plugins/blob/master/check_puppet_agent)
----------------------------------------
Bug #15471: last_run_summary.yaml is only readable by root
https://projects.puppetlabs.com/issues/15471#change-66758
Author: R.I. Pienaar
Status: Unreviewed
Priority: Normal
Assignee:
Category:
Target version:
Affected Puppet version:
Keywords:
Branch:
The work for CVE-2012-3866 also changed the permissions for this file which
does not contain sensitive information imo and should not be restricted to root
only. This relates to #7106 that moved this to world readable and contained a
justification why etc.
https://github.com/puppetlabs/puppet/commit/fd44bf5
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-bugs?hl=en.
