Bug #26007 | Config files containing keystore passwords are world readable | ||
---|---|---|---|
Submitted: | 1 Feb 2007 14:08 | Modified: | 21 Feb 2007 14:38 |
Reporter: | Mark Leith | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Enterprise Monitor: Configuration | Severity: | S2 (Serious) |
Version: | OS: | ||
Assigned to: | BitRock Merlin | CPU Architecture: | Any |
[1 Feb 2007 14:08]
Mark Leith
[14 Feb 2007 13:30]
BitRock Merlin
Patch sent to Keith
[21 Feb 2007 14:38]
Mark Leith
Hi Bitrock, I'm closing this now (nothing *serious*) is world readable, however the tomcat-users.xml file is still world readable - so this should still be fixed at some point. [markleith@medusa:~/mysql/network/monitoring/apache-tomcat/conf] $ ll total 216 drwx------ 3 markleit markleit 102 Feb 21 14:20 Catalina -rw------- 1 markleit markleit 7455 Sep 12 16:12 catalina.policy -rw------- 1 markleit markleit 3114 Sep 12 16:12 catalina.properties -rw------- 1 markleit markleit 330 Sep 12 16:12 context.xml -rw------- 1 markleit markleit 2824 Sep 12 16:12 logging.properties -rw------- 1 markleit markleit 236 Feb 21 14:22 merlin.xml -rw------- 1 markleit markleit 1393 Feb 21 06:40 myKeystore -rw------- 1 markleit markleit 851 Sep 12 16:12 server-minimal.xml -rw------- 1 markleit markleit 19470 Feb 21 14:21 server.xml -rw-r--r-- 1 markleit markleit 310 Feb 21 14:22 tomcat-users.xml -rw------- 1 markleit markleit 49382 Sep 12 16:12 web.xml Verified "fixed" on 1.1.0.4785