[Ovirt-devel] [PATCH server] secure the perissions on the ovirt.pp manifest file
Joey Boggs
jboggs at redhat.com
Mon Mar 2 15:33:00 UTC 2009
Jeremy Katz wrote:
> On Monday, March 02 2009, Joey Boggs said:
>
>> Jeremy Katz wrote:
>>
>>> On Thursday, February 26 2009, Joey Boggs said:
>>>
>>>> Jeremy Katz wrote:
>>>>
>>>>> On Wednesday, February 25 2009, Joey Boggs said:
>>>>>
>>>>>> Secures the permissions on ovirt.pp to only allow only root read/write access all other 000
>>>>>>
>>> [snip]
>>>
>>>> If we move the chmod right after the file is created is that better
>>>> or wrong since the file is open while we performing the operation?
>>>> Set to 600 as well
>>>>
>>>
>>>
>>>> ----------------------------------------------------------------
>>>> FileUtils.mkdir_p("/usr/share/ace/appliances/ovirt")
>>>> config_file = File.new("/usr/share/ace/appliances/ovirt/ovirt.pp", "w")
>>>> File.chmod 0600, '/usr/share/ace/appliances/ovirt/ovirt.pp'
>>>>
>>> A quick look at the ruby docs and File.new takes a permission argument.
>>> So config_file = File.new("/path", "w", 0600) should be better[1]
>>>
>>>
>> Last go at it :)
>>
>
> Looks good
>
> Jeremy
>
pushed
More information about the ovirt-devel
mailing list