diff options
author | James Falcon <james.falcon@canonical.com> | 2023-04-26 15:11:55 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-04-26 15:11:55 -0500 |
commit | a378b7e4f47375458651c0972e7cd813f6fe0a6b (patch) | |
tree | bb1d6197c013773f723503f07b0a0daa7c67a8de /tests/integration_tests/bugs/test_lp1900837.py | |
parent | c1b4722036a1ad3f683b7942db4d07639f88dcd2 (diff) | |
download | cloud-init-git-a378b7e4f47375458651c0972e7cd813f6fe0a6b.tar.gz |
Make user/vendor data sensitive and remove log permissions (#2144)
Because user data and vendor data may contain sensitive information,
this commit ensures that any user data or vendor data written to
instance-data.json gets redacted and is only available to root user.
Also, modify the permissions of cloud-init.log to be 640, so that
sensitive data leaked to the log isn't world readable.
Additionally, remove the logging of user data and vendor data to
cloud-init.log from the Vultr datasource.
LP: #2013967
CVE: CVE-2023-1786
Diffstat (limited to 'tests/integration_tests/bugs/test_lp1900837.py')
0 files changed, 0 insertions, 0 deletions