Infra template marked as sensitive, but file on disk is world readable.

djoos-cookbooks / newrelic

Development repository for the newrelic cookbook

https://supermarket.chef.io/cookbooks/newrelic

MIT License

143 stars 245 forks source link

Infra template marked as sensitive, but file on disk is world readable. #347

Closed mynamewastaken closed 6 years ago

mynamewastaken commented 6 years ago

https://github.com/djoos-cookbooks/newrelic/blob/46fb82d068a19dc1eb8470395902293dbb0c5074/providers/agent_infrastructure.rb#L35-L39

What's the rationale behind this? If it should be sensitive, consider changing the file permissions to 600 or something, or else, remove the sensitive attribute. I'm happy to make a PR if this isn't intended behavior.

djoos commented 6 years ago

Hi there,

sensitive got added to prevent the innards from showing up in Chef client run logs. However, happy for you to send a PR with tighter file permissions.

Thanks in advance! David