** Description changed:
Package should security directories and files as below:
chown <pkg>:adm /var/log/<pkg>
chmod 0750 /var/log/<pkg>
find /etc/<pkg> -exec chown root:<pkg> "{}" +
find /etc/<pkg> -type f -exec chmod 0640 "{}" + -o -type d -exec chmod 0750
"{}" +
# Optional rootwrap.d configuration files.
find /etc/<pkg>/rootwrap.d -exec chown root:root "{}" +
find /etc/<pkg>/rootwrap.d -type f -exec chmod 0644 "{}" + -o -type d -exec
chmod 0755 "{}" +
chown <pkg>:<pkg> /var/lib/<pkg>
chmod 0750 /var/lib/<pkg>
+
+ For keystone, /etc/ files/directories should be owned by
+ keystone:keystone: https://docs.openstack.org/security-
+ guide/identity/checklist.html
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1859422
Title:
security: default ownership and permissions
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1859422/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
