RE: Question on security facilities and security reviews
For question 1, no, but changing the access right from 644 to 400 should prevent from access other than root. For question 2, no plan on security vulnerabilities
check-up so far, and I’d like if anyone can help on this area.
From: Shawn Y. [via vsm-discuss] [mailto:ml-node+[hidden email]]
Sent: Saturday, December 12, 2015 2:10 AM To: Wang, Yaguang Subject: Question on security facilities and security reviews
1. Should there be some protection on the conf files that containing plaintext passwords? Such as /etc/vsm/vsm.conf, /etc/vsmdeploy/deployrc, etc. The access right for them is 644 now.
2. Beyond question 1, do you have any plan on security vulnerabilities check-up, such as HTTP, XML, and SQL injection; penetration tests, etc?
Thank you very much!
If you reply to this email, your message will be added to the discussion below: