[ovirt-users] Problem with reporting

Alon Bar-Lev alonbl at redhat.com
Mon Jun 23 06:58:01 UTC 2014



----- Original Message -----
> From: "Sven Kieske" <S.Kieske at mittwald.de>
> To: users at ovirt.org
> Sent: Monday, June 23, 2014 9:48:36 AM
> Subject: Re: [ovirt-users] Problem with reporting
> 
> This is somewhat..insecure.
> 
> In which ovirt version was this changed to /var/lib, shouldn't this
> qualify for an
> cve entry? I didn't see any security notification coming up for this.

why insecure?

/var/lib/ovirt-engine is secure at the same level of /var/tmp/ovirt-engine

it was moved to avoid automatic tools that assumes that assume that a file can deleted if had not been modified for x days.

> 
> Am 23.06.2014 08:27, schrieb Alon Bar-Lev:
> > his is the deployment location.... jboss is managing its "deployments" in a
> > place in which it can write files, so we set it to /var/tmp
> 
> --
> Mit freundlichen Grüßen / Regards
> 
> Sven Kieske
> 
> Systemadministrator
> Mittwald CM Service GmbH & Co. KG
> Königsberger Straße 6
> 32339 Espelkamp
> T: +49-5772-293-100
> F: +49-5772-293-333
> https://www.mittwald.de
> Geschäftsführer: Robert Meyer
> St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen
> Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
> 



More information about the Users mailing list