Permission for filebeat.yml with credentials in it #541

poloz-lab · 2022-08-04T14:30:48Z

As the credentials for filebeat are stored in the config file and not the keystore, it should be better to at least hide them from non privileged users.

This PR removes read permission for other users to the filebeat.yml config file.

Fixes #540

…e stored in it

vcerenu

Hello @poloz-lab

Thanks for your patience and contribution. We are working hard to review all the requests as soon as possible. Currently, we are reviewing this PR.

The development of this PR is greatly appreciated, we will be merging it and it will be available in the next Wazuh release.

Thank you very much and if you have any questions or ideas, do not hesitate to contact us.

Remove access from the filebeat config to others since credentials ar…

e2a2eb6

…e stored in it

vcerenu self-assigned this Aug 9, 2022

vcerenu added the community label Aug 9, 2022

vcerenu approved these changes Aug 9, 2022

View reviewed changes

vcerenu mentioned this pull request Aug 9, 2022

Change permission for filebeat.yml #540

Closed

teddytpc1 approved these changes Aug 9, 2022

View reviewed changes

okynos approved these changes Aug 10, 2022

View reviewed changes

okynos merged commit a887f80 into wazuh:4.3 Aug 10, 2022

poloz-lab deleted the feature-540-permission-filebeat-yml branch August 10, 2022 07:27

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Permission for filebeat.yml with credentials in it #541

Permission for filebeat.yml with credentials in it #541

poloz-lab commented Aug 4, 2022

vcerenu left a comment

Permission for filebeat.yml with credentials in it #541

Permission for filebeat.yml with credentials in it #541

Conversation

poloz-lab commented Aug 4, 2022

vcerenu left a comment

Choose a reason for hiding this comment