delta/cloud-init-git.git - github.com: canonical/cloud-init.git

diff options

author	James Falcon <james.falcon@canonical.com>	2023-04-26 15:11:55 -0500
committer	GitHub <noreply@github.com>	2023-04-26 15:11:55 -0500
commit	a378b7e4f47375458651c0972e7cd813f6fe0a6b (patch)
tree	bb1d6197c013773f723503f07b0a0daa7c67a8de /tests/integration_tests/bugs/test_lp1900837.py
parent	c1b4722036a1ad3f683b7942db4d07639f88dcd2 (diff)
download	cloud-init-git-a378b7e4f47375458651c0972e7cd813f6fe0a6b.tar.gz

Make user/vendor data sensitive and remove log permissions (#2144)

Because user data and vendor data may contain sensitive information, this commit ensures that any user data or vendor data written to instance-data.json gets redacted and is only available to root user. Also, modify the permissions of cloud-init.log to be 640, so that sensitive data leaked to the log isn't world readable. Additionally, remove the logging of user data and vendor data to cloud-init.log from the Vultr datasource. LP: #2013967 CVE: CVE-2023-1786

Diffstat (limited to 'tests/integration_tests/bugs/test_lp1900837.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: