Example charm encourages bad practices
Bug #1269150 reported by
James Troup
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Juju Website |
New
|
Undecided
|
Nick Veitch | ||
Bug Description
https:/
some very bad practices, e.g.
| chmod -R 777 /var/www/
This makes these files writable by *any* user on the instance which is
not a good idea.
| wget "$dl" -O /tmp/vanilla.tar.gz
This is a security vulnerability as /tmp is a shared resource.
| cp /var/www/
id.
I appreciate this is an example charm and you probably don't want to
make it more complicated than necessary but I also feel we probably
shouldn't make it such that the first charm that a prospective charm
writer sees is full of dangerous practices like these.
| Changed in juju-website: | |
| assignee: | nobody → Nick Veitch (evilnick) |
To post a comment you must log in.
