Changed mode of /var/log/nova to 0750
If directory is world executable, it means when somebody knows proper filenames (and everybody knows default names) then the directory is "vulnerable". Change-Id: Icdd68f5178debdd2368d3c02c94419be4f2935a8
This commit is contained in:
parent
2feb83d627
commit
393c95d1ad
|
@ -125,7 +125,7 @@ class nova(
|
|||
|
||||
file { $logdir:
|
||||
ensure => directory,
|
||||
mode => '0751',
|
||||
mode => '0750',
|
||||
}
|
||||
file { '/etc/nova/nova.conf':
|
||||
mode => '0640',
|
||||
|
|
|
@ -36,7 +36,7 @@ describe 'nova' do
|
|||
|
||||
it { should contain_file('/var/log/nova').with(
|
||||
'ensure' => 'directory',
|
||||
'mode' => '0751',
|
||||
'mode' => '0750',
|
||||
'owner' => 'nova',
|
||||
'group' => 'nova',
|
||||
'require' => 'Package[nova-common]'
|
||||
|
|
Loading…
Reference in New Issue