Uploaded image for project: 'Ambari'
  1. Ambari
  2. AMBARI-25390

Ambari is indexing all subdirectories contents under /resources folder via API.

    XMLWordPrintableJSON

Details

    Description

      GET /resources gives back the directory content of /var/lib/ambari-server/resources. The directory doesn't contain any sensitive information, only files which are already visible on github. But it might freak out security guys therefore it's best to disable the listing.

      Attachments

        Issue Links

          is related to

          Task - A task that needs to be done. AMBARI-25252 Disable directory Indexing at /resources

          • Major - Major loss of function.
          • Resolved
          links to

          GitHub PR#3495 GitHub PR#3495

          Web Link GitHub Pull Request #3093

          Web Link GitHub Pull Request #3094

          Activity

            People

              aonishuk Andrew Onischuk
              aonishuk Andrew Onischuk
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1.5h
                  1.5h