mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2024-09-19 23:19:52 +00:00
Code Issues Packages Projects Releases Wiki Activity
dd668e59f1
ceph-csi/pkg/util
History
Niels de Vos dd668e59f1 Address security concerns reported by 'gosec' 
gosec reports several issues, none of them looks very critical. With
this change the following concerns have been addressed:

[pkg/cephfs/nodeserver.go:229] - G302: Expect file permissions to be 0600 or less (Confidence: HIGH, Severity: MEDIUM)
  > os.Chmod(targetPath, 0777)

[pkg/cephfs/util.go:39] - G204: Subprocess launched with variable (Confidence: HIGH, Severity: MEDIUM)
  > exec.Command(program, args...)

[pkg/rbd/nodeserver.go:156] - G302: Expect file permissions to be 0600 or less (Confidence: HIGH, Severity: MEDIUM)
  > os.Chmod(stagingTargetPath, 0777)

[pkg/rbd/nodeserver.go:205] - G302: Expect file permissions to be 0600 or less (Confidence: HIGH, Severity: MEDIUM)
  > os.OpenFile(mountPath, os.O_CREATE|os.O_RDWR, 0750)

[pkg/rbd/rbd_util.go:797] - G304: Potential file inclusion via variable (Confidence: HIGH, Severity: MEDIUM)
  > ioutil.ReadFile(fPath)

[pkg/util/cephcmds.go:35] - G204: Subprocess launched with variable (Confidence: HIGH, Severity: MEDIUM)
  > exec.Command(program, args...)

[pkg/util/credentials.go:47] - G104: Errors unhandled. (Confidence: HIGH, Severity: LOW)
  > os.Remove(tmpfile.Name())

[pkg/util/credentials.go:92] - G104: Errors unhandled. (Confidence: HIGH, Severity: LOW)
  > os.Remove(cr.KeyFile)

[pkg/util/pidlimit.go:74] - G304: Potential file inclusion via variable (Confidence: HIGH, Severity: MEDIUM)
  > os.Open(pidsMax)

URL: https://github.com/securego/gosec
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2019-09-04 11:48:37 +00:00
..
cachepersister.go provide option to set pluginpath for cephfs 2019-07-25 14:47:42 +05:30
cephcmds.go Address security concerns reported by 'gosec' 2019-09-04 11:48:37 +00:00
cephconf.go Avoid keyring message while logging 2019-07-25 09:48:09 +00:00
credentials.go Address security concerns reported by 'gosec' 2019-09-04 11:48:37 +00:00
csiconfig_test.go Removed config maps and replaced with rados omaps 2019-05-19 12:29:33 +00:00
csiconfig.go Removed config maps and replaced with rados omaps 2019-05-19 12:29:33 +00:00
errors.go Refactor voljournal to aid reuse with CephFS 2019-05-30 09:58:40 +00:00
httpserver.go implement grpc metrics for ceph-csi 2019-08-30 06:50:32 +00:00
idlocker_test.go Move locks to more granular locking than CPU count based 2019-07-01 14:10:14 +00:00
idlocker.go Move locks to more granular locking than CPU count based 2019-07-01 14:10:14 +00:00
k8scmcache.go Enable all static-checks in golangci-lint 2019-06-10 15:56:17 +05:30
log.go switch to cephfs, utils, and csicommon to new loging system 2019-08-29 14:04:31 +00:00
nodecache.go Enable all static-checks in golangci-lint 2019-06-10 15:56:17 +05:30
pidlimit_test.go provisioners: add reconfiguring of PID limit 2019-08-13 14:43:29 +00:00
pidlimit.go Address security concerns reported by 'gosec' 2019-09-04 11:48:37 +00:00
stripsecrets.go Use --keyfile option to pass keys to all Ceph CLIs 2019-07-25 12:46:15 +00:00
util.go implement grpc metrics for ceph-csi 2019-08-30 06:50:32 +00:00
validate.go Move mounting staging instance to a sub-path within staging path 2019-08-13 14:07:52 +00:00
volid_test.go Make CephFS plugin stateless reusing RADOS based journal scheme 2019-05-30 06:20:35 -04:00
volid.go Enable all static-checks in golangci-lint 2019-06-10 15:56:17 +05:30
voljournal.go switch to cephfs, utils, and csicommon to new loging system 2019-08-29 14:04:31 +00:00