security-doc

History

Chris MacNaughton 882ec823e3 Update permission checks to include top level directory checks By expanding the scope of the checks, we can maintain a higher level of security by ensuring that newly created files created in project configuration folders are restricted in the same way as those listed, without hoping that projects update these checks when they create these files. For example, making /etc/keystone/keystone.conf have ownership settings of root:keystone with permissions of 640 is practically the same as giving /etc/keystone settings of root:keystone with permissions of 750 as the same user restrictions apply. Change-Id: I53d395e0d17bdfbdb08b71431b0af29506b94aa9	2019-04-01 06:26:30 +00:00
..
checklist.rst	Update permission checks to include top level directory checks	2019-04-01 06:26:30 +00:00
volume_wiping.rst	Remove LVM "shred" volume_clear option	2018-02-20 14:37:53 +00:00

Chris MacNaughton 882ec823e3 Update permission checks to include top level directory checks

By expanding the scope of the checks, we can maintain a higher
level of security by ensuring that newly created files created
in project configuration folders are restricted in the same
way as those listed, without hoping that projects update these
checks when they create these files.

For example, making /etc/keystone/keystone.conf have ownership
settings of root:keystone with permissions of 640 is practically
the same as giving /etc/keystone settings of root:keystone with
permissions of 750 as the same user restrictions apply.

Change-Id: I53d395e0d17bdfbdb08b71431b0af29506b94aa9

2019-04-01 06:26:30 +00:00

checklist.rst

Update permission checks to include top level directory checks

2019-04-01 06:26:30 +00:00

volume_wiping.rst

Remove LVM "shred" volume_clear option

2018-02-20 14:37:53 +00:00