Petals Registry CLI

The default preference file should be readable only by users member of group 'petals'

Details

  • Type: Bug Bug
  • Status: Resolved Resolved
  • Priority: Major Major
  • Resolution: Fixed
  • Affects Version/s: 1.0.0
  • Fix Version/s: 1.1.0
  • Component/s: Debian Pack
  • Security Level: Public
  • Description:
    Hide

    To increase security, the default preference file '/etc/petals-registry-cli/petals-registry-cli.default'' should not be readable by all users. It should be readable only by users member of a given group.

    By default, the group 'petals' will be used to protect the preference file. If needed, the group can be changed.

    Note: If the user running Petals Registry CLI is not a member of this group, a warning will be displayed if the mode 'Console' is used:

    user@host> petals-registry-cli -C
ERROR: Your are not granted to access the configuration file '/etc/petals-registry-cli/petals-registry-cli.default'.

user@host>
    Show
    To increase security, the default preference file '/etc/petals-registry-cli/petals-registry-cli.default'' should not be readable by all users. It should be readable only by users member of a given group. By default, the group 'petals' will be used to protect the preference file. If needed, the group can be changed. Note: If the user running Petals Registry CLI is not a member of this group, a warning will be displayed if the mode 'Console' is used: 
    user@host> petals-registry-cli -C
ERROR: Your are not granted to access the configuration file '/etc/petals-registry-cli/petals-registry-cli.default'.

user@host>
  • Environment:
    -

Issue Links

Depends
 

Activity

Ascending order - Click to sort in descending order
Christophe DENEUX made changes - Thu, 28 Jan 2016 - 14:59:07 +0100
Field Original Value New Value
Link This issue blocks PETALSDISTRIB-221 [ PETALSDISTRIB-221 ]
Christophe DENEUX made changes - Thu, 28 Jan 2016 - 14:59:14 +0100
Status New [ 10000 ] Open [ 10002 ]
Priority Major [ 3 ]
Christophe DENEUX made changes - Thu, 28 Jan 2016 - 14:59:23 +0100
Status Open [ 10002 ] In Progress [ 10003 ]
Christophe DENEUX made changes - Thu, 28 Jan 2016 - 15:35:43 +0100
Description To increase security, the default preference file '{{/etc/petals-registry-cli/petals-registry-cli.default}}'' should not be readable by all users. It should be readable only by users member of a given group.

By default, the group '{{petals}}' will be used to protect the preference file. If needed, the group can be changed.

Note: If the user running Petals Registry CLI is not a member of this group, a warning will be displayed if the mode '{{Console}}' is used:
{code}
user@host> petals-registry-cli -C
WARNING: Your are not granted to access the default configuration file: ...
petals-registry-cli>
{code}
To increase security, the default preference file '{{/etc/petals-registry-cli/petals-registry-cli.default}}'' should not be readable by all users. It should be readable only by users member of a given group.

By default, the group '{{petals}}' will be used to protect the preference file. If needed, the group can be changed.

Note: If the user running Petals Registry CLI is not a member of this group, a warning will be displayed if the mode '{{Console}}' is used:
{code}
user@host> petals-registry-cli -C
ERROR: Your are not granted to access the configuration file '/etc/petals-registry-cli/petals-registry-cli.default'.

user@host>
{code}
Christophe DENEUX made changes - Thu, 28 Jan 2016 - 16:27:18 +0100
Status In Progress [ 10003 ] Resolved [ 10004 ]
Fix Version/s 1.1.0 [ 10606 ]
Resolution Fixed [ 1 ]

People

Dates

  • Created:
    Thu, 28 Jan 2016 - 14:58:42 +0100
    Updated:
    Thu, 28 Jan 2016 - 16:28:21 +0100
    Resolved:
    Thu, 28 Jan 2016 - 16:27:17 +0100
Atlassian JIRA (v4.1.2#531) | Report a problem | Request a feature | Contact administrators
Powered by a free Atlassian JIRA open source license for Petals ESB. Try JIRA - bug tracking software for your team.