named.conf.rndc.maas is insecure by default
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
maas (Ubuntu) |
Fix Released
|
Critical
|
Raphaël Badin |
Bug Description
After default installation the following permissions are applied:
-rw-r--r-- 1 maas root 193 Oct 15 14:37 /etc/bind/
This makes the bind communication key readable to all users of the system
ProblemType: Bug
DistroRelease: Ubuntu 12.10
Package: maas-dns 0.1+bzr1264+
ProcVersionSign
Uname: Linux 3.5.0-17-generic i686
ApportVersion: 2.6.1-0ubuntu3
Architecture: i386
Date: Mon Oct 15 17:10:58 2012
InstallationMedia: Ubuntu-Server 12.10 "Quantal Quetzal" - Release i386 (20121014)
PackageArchitec
ProcEnviron:
LANGUAGE=en_US:en
TERM=xterm-
PATH=(custom, no user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: maas
UpgradeStatus: No upgrade log present (probably fresh install)
Related branches
- Raphaël Badin (community): Disapprove
- Zygmunt Krynicki (community): Needs Information
- Martin Packman (community): Approve
-
Diff: 30 lines (+9/-0)2 files modifiedsrc/provisioningserver/dns/config.py (+1/-0)
src/provisioningserver/dns/tests/test_config.py (+8/-0)
- Julian Edwards (community): Approve
- Andres Rodriguez: Pending requested
-
Diff: 40 lines (+9/-3)2 files modifieddebian/changelog (+3/-1)
debian/maas-dns.postinst (+6/-2)
- Julian Edwards (community): Approve
- Andres Rodriguez: Pending requested
-
Diff: 40 lines (+9/-3)2 files modifieddebian/changelog (+3/-1)
debian/maas-dns.postinst (+6/-2)
Changed in maas: | |
milestone: | none → 12.10 |
Changed in maas: | |
milestone: | 12.10 → 12.10-stabilization |
Changed in maas (Ubuntu): | |
status: | In Progress → Fix Released |
setup_rndc() (in src/provisionin gserver/ dns/config. py) should be fixed to write the file with the appropriate permissions.