FS#70145 : [prometheus] /var/lib/prometheus should not be world readable

FS#70145 - [prometheus] /var/lib/prometheus should not be world readable

Attached to Project: Arch Linux
Opened by Jakub Klinkovský (lahwaacz) - Wednesday, 24 March 2021, 08:43 GMT
Last edited by Jelle van der Waa (jelly) - Monday, 20 September 2021, 07:36 GMT

Task Type	Bug Report
Category	Packages: Extra
Status	Closed
Assigned To	Jelle van der Waa (jelly) Johannes Löthberg (demize)
Architecture	All
Severity	Low
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

/var/lib/prometheus is created as 755 (world readable) in the PKGBUILD and Prometheus creates the files/directories with the default umask. Metrics aren't secrets, but I don't think they should be world readable.

See also https://gitlab.archlinux.org/archlinux/infrastructure/-/issues/289

This task depends upon

Closed by Jelle van der Waa (jelly)
Monday, 20 September 2021, 07:36 GMT
Reason for closing: Fixed
Additional comments about closing: prometheus-2.30.0-1-x86_64.pkg.tar.zst

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#70145 - [prometheus] /var/lib/prometheus should not be world readable

Details

Loading...