Devstack Security Vulnerabilities - 2013

CVE-2013-1977

OpenStack devstack uses world-readable permissions for keystone.conf, which allows local users to obtain sensitive information such as the LDAP password and admin_token secret by reading the file.