Uploaded image for project: 'Zeppelin'
  1. Zeppelin
  2. ZEPPELIN-2068

Change credentials.json and interpreter.json access permission to 0600

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Critical
    • Resolution: Fixed
    • 0.7.0
    • 0.8.0
    • None

    Description

      credentials.json and interpreter.json are created with default group-readable and world-readable permissions.

      Both files can store passwords.

      interpreter.json can store passwords, for example, if we have a custom repository - it'll be stored there clear text.

      credentials.json obviously store passwords too

      Please change default file permissions for credentials.json and interpreter.json to 0600.

      Other users should not see clear text passwords.

      Attachments

        Activity

          People

            Ahyoung Ahyoung Ryu
            Tagar Ruslan Dautkhanov
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: