Changed mode of /var/log/nova to 0750

If directory is world executable, it means when somebody
knows proper filenames (and everybody knows default names)
then the directory is "vulnerable".

Change-Id: Icdd68f5178debdd2368d3c02c94419be4f2935a8
This commit is contained in:
Martin Magr 2013-05-06 15:36:17 +02:00
parent 2feb83d627
commit 393c95d1ad
2 changed files with 2 additions and 2 deletions

View File

@ -125,7 +125,7 @@ class nova(
file { $logdir:
ensure => directory,
mode => '0751',
mode => '0750',
}
file { '/etc/nova/nova.conf':
mode => '0640',

View File

@ -36,7 +36,7 @@ describe 'nova' do
it { should contain_file('/var/log/nova').with(
'ensure' => 'directory',
'mode' => '0751',
'mode' => '0750',
'owner' => 'nova',
'group' => 'nova',
'require' => 'Package[nova-common]'