Secure /etc/kibana/kibana.yml #6

varac · 2017-03-31T12:22:34Z

Feature Request

Currently, /etc/kibana/kibana.yml is world-readable.
Please make it RW only for the elasticsearch user.

Feature Description

When storing credentials inside kibana.yml it shoul not be readable by any other user than the elasticsearch user for security reasons.

The text was updated successfully, but these errors were encountered:

tylerjl · 2017-03-31T13:26:05Z

Thanks for the issue @varac. There's no guarantee that Elasticsearch will be on the same system as a host running Kibana, but the Kibana packages do create a kibana system user that the service runs under. Would changing the permissions to 0660 for the kibana:kibana or root:root work?

varac · 2017-03-31T13:38:42Z

@tylerjl Sorry, I was not looking properly. It should indeed get the permissions and ownership you are proposing.

varac · 2017-03-31T14:37:58Z

Thx !

Resolves voxpupuli#6

tylerjl added the enhancement New feature or request label Mar 31, 2017

tylerjl closed this as completed in 9e93def Mar 31, 2017

cegeka-jenkins pushed a commit to cegeka/puppet-kibana that referenced this issue Nov 4, 2020

manifests: enforce kibana ownership on config file

a4773c1

Resolves voxpupuli#6

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Secure /etc/kibana/kibana.yml #6

Secure /etc/kibana/kibana.yml #6

varac commented Mar 31, 2017

tylerjl commented Mar 31, 2017

varac commented Mar 31, 2017

varac commented Mar 31, 2017

Secure /etc/kibana/kibana.yml #6

Secure /etc/kibana/kibana.yml #6

Comments

varac commented Mar 31, 2017

Feature Request

Feature Description

tylerjl commented Mar 31, 2017

varac commented Mar 31, 2017

varac commented Mar 31, 2017