Uploaded image for project: 'Ambari'
  1. Ambari
  2. AMBARI-25252

Disable directory Indexing at /resources

    XMLWordPrintableJSON

Details

    Description

      GET /resources gives back the directory content of /var/lib/ambari-server/resources. The directory doesn't contain any sensitive information, only files which are already visible on github. But it might freak out security guys therefore it's best to disable the listing.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. AMBARI-25390 Ambari is indexing all subdirectories contents under /resources folder via API.

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved
          links to

          GitHub PR#3449 GitHub PR#3449

          Web Link GitHub Pull Request #2936

          Web Link GitHub Pull Request #2939

          Activity

            People

              amagyar Attila Magyar
              amagyar Attila Magyar
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1h 50m
                  1h 50m