Ensure no directory listing is active
By default, puppetlabs-apache module enables Indexes option, which can
lead in data/structure leak.
The following patch disable that option on a global base, since we
shouldn't need such a feature.
Closes-Bug: #1854442
Change-Id: Icba53f4e32237556608f4cb6dcd9da1a71705c19
(cherry picked from commit ad48860b75
)
This commit is contained in:
parent
94b2016927
commit
6357ffa748
|
@ -320,6 +320,7 @@ define openstacklib::wsgi::apache (
|
|||
error_log_file => $error_log_file,
|
||||
error_log_pipe => $error_log_pipe,
|
||||
error_log_syslog => $error_log_syslog,
|
||||
options => ['-Indexes', '+FollowSymLinks','+MultiViews'],
|
||||
}
|
||||
|
||||
Package<| title == 'httpd' |>
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
security:
|
||||
- Do not authorize directory listing
|
||||
fixes:
|
||||
- rhbz#1778052
|
||||
- LP#1854442
|
|
@ -94,7 +94,8 @@ describe 'openstacklib::wsgi::apache' do
|
|||
:access_log_format => false,
|
||||
:error_log_file => nil,
|
||||
:error_log_pipe => nil,
|
||||
:error_log_syslog => nil
|
||||
:error_log_syslog => nil,
|
||||
:options => ['-Indexes', '+FollowSymLinks','+MultiViews'],
|
||||
)}
|
||||
|
||||
it { should contain_concat("#{platform_params[:httpd_ports_file]}") }
|
||||
|
|
Loading…
Reference in New Issue