882ec823e3
By expanding the scope of the checks, we can maintain a higher level of security by ensuring that newly created files created in project configuration folders are restricted in the same way as those listed, without hoping that projects update these checks when they create these files. For example, making /etc/keystone/keystone.conf have ownership settings of root:keystone with permissions of 640 is practically the same as giving /etc/keystone settings of root:keystone with permissions of 750 as the same user restrictions apply. Change-Id: I53d395e0d17bdfbdb08b71431b0af29506b94aa9 |
||
---|---|---|
.. | ||
authentication-methods.rst | ||
authentication.rst | ||
authorization.rst | ||
checklist.rst | ||
domains.rst | ||
federated-keystone.rst | ||
policies.rst | ||
tokens.rst |