mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-10 00:10:20 +00:00
util: create ceph.conf with 0600 permissions
The generated ceph.conf does not need readable by the group, there is only one (system) user consuming the configurations file. This addresses the following gosec warning: [/go/src/github.com/ceph/ceph-csi/internal/util/cephconf.go:52] - G306 (CWE-): Expect WriteFile permissions to be 0600 or less (Confidence: HIGH, Severity: MEDIUM) > ioutil.WriteFile(CephConfigPath, cephConfig, 0640) Signed-off-by: Niels de Vos <ndevos@redhat.com>
This commit is contained in:
parent
16c4e33b09
commit
30dc83c3bb
@ -49,7 +49,7 @@ func WriteCephConfig() error {
|
||||
return err
|
||||
}
|
||||
|
||||
err := ioutil.WriteFile(CephConfigPath, cephConfig, 0640)
|
||||
err := ioutil.WriteFile(CephConfigPath, cephConfig, 0600)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user