mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2024-11-22 06:10:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

util: create ceph.conf with 0600 permissions

Browse Source 
The generated ceph.conf does not need readable by the group, there is
only one (system) user consuming the configurations file.

This addresses the following gosec warning:

    [/go/src/github.com/ceph/ceph-csi/internal/util/cephconf.go:52] - G306 (CWE-): Expect WriteFile permissions to be 0600 or less (Confidence: HIGH, Severity: MEDIUM)
      > ioutil.WriteFile(CephConfigPath, cephConfig, 0640)

Signed-off-by: Niels de Vos <ndevos@redhat.com>
This commit is contained in:
Niels de Vos 2020-06-30 11:34:01 +02:00 committed by mergify[bot]
parent 16c4e33b09
commit 30dc83c3bb
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
internal/util/cephconf.go
View File

@ -49,7 +49,7 @@ func WriteCephConfig() error {
return err
}
err := ioutil.WriteFile(CephConfigPath, cephConfig, 0640)
err := ioutil.WriteFile(CephConfigPath, cephConfig, 0600)
if err != nil {
return err
}