No idea, but +1 on removing it. From: Sebastien Goasguen <run...@gmail.com<mailto:run...@gmail.com>> Date: Monday, June 2, 2014 at 12:16 AM To: "dev@cloudstack.apache.org<mailto:dev@cloudstack.apache.org>" <dev@cloudstack.apache.org<mailto:dev@cloudstack.apache.org>>, Alex Huang <alex.hu...@citrix.com<mailto:alex.hu...@citrix.com>>, Chiradeep Vittal <chiradeep.vit...@citrix.com<mailto:chiradeep.vit...@citrix.com>> Subject: Re: Why does cloudstack-setup-management make /root writable?
On May 31, 2014, at 11:14 AM, Milamber <milam...@apache.org<mailto:milam...@apache.org>> wrote: A related ticket has been open in Jira https://issues.apache.org/jira/browse/CLOUDSTACK-6673 Let me copy Alex and Chiradeep, they might have some background about this. Le 31/05/2014 08:27, ilya musayev a ecrit : I really dont know why. I guess we can figure out who made the commit and ask for rationale on this, but i'm not aware of any reason why /root must be 777. Big security hole in my opinion. I'd say to give it a try in your env first, if your tests pass, commit. On 5/31/14, 12:06 AM, Yoshikazu Nojima wrote: Hi, Does anyone know the reason why cloudstack-setup-management make /root directory mode 777 in ubuntu? https://github.com/apache/cloudstack/blob/master/python/lib/cloudutils/serviceConfig.py#L767 If no one have objection, I will remove this code. Regards, Noji
