Issue #19423 has been reported by Tobias Hunger.
----------------------------------------
Bug #19423: Puppet puts contents into files before adjusting permissions.
https://projects.puppetlabs.com/issues/19423
Author: Tobias Hunger
Status: Unreviewed
Priority: Normal
Assignee:
Category: file
Target version:
Affected Puppet version: development
Keywords: file
Branch: master
I am configuring SSH via puppet using this configuration:
file { "/etc/ssh/sshd_config" :
ensure => present,
owner => "root",
group => "root",
mode => 0600,
source => "puppet:///modules/openssh/sshd_config",
}
Checking the log I noticed that puppet puts the contents into the file and only
then adjust the permissions from 644 to 600. This could potentially lead to
information in this file being disclosed to local users.
Could you please create an empty file, set owner and group and permissions on
it and only then add the contents?
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
