Uploaded image for project: 'CFEngine Community'
  1. CFEngine Community
  2. CFE-2700

Feature request: increase security by tightening permissions on /var/cfengine

    XMLWordPrintable

    Details

    • Type: Story
    • Status: Open
    • Priority: Medium
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Packaging
    • Labels:
      None

      Description

      Hello,

      CFEngine is pretty strict about permissions on /var/cfengine/inputs, which is great, security-wise:

      # ls -lhd /var/cfengine/inputs/
      drwx------ 11 root root 4.0K Oct 12 20:35 /var/cfengine/inputs/
      #

       

      But /var/cfengine is wide open:

      #   ls -lhd /var/cfengine/
      drwxr-xr-x 17 root root 4.0K Oct 12 20:35 /var/cfengine/
      #
      

      I propose setting same permissions ("ou-rwx") on /var/cfengine to increase security.

        Attachments

          Activity

            People

            • Assignee:
              a10003 Eystein Maloy Stenberg
              Reporter:
              atsaloli Aleksey Tsalolikhin
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:

                Summary Panel