Actions
Bug #9841
closedBootstrap log contains validation.pem
Description
We keep /tmp/bootstrap-* file with log of finish provisioning template which may contain validation.pem (a private key for the node). Unfortunately, it's world readable.
Updated by Marek Hulán almost 9 years ago
- Status changed from New to Rejected
- Assignee set to Marek Hulán
It's only in script file itself which can be read only by root. 0701 mode is being set since 1.3 (when ssh orchestration was introduced).
Actions