Remove the /etc/security directory from the guest vm-support bundle.

This directory contains sensitive guest side data that we should not
expose to the host side.

Although running the vm-support requires the root privilege in the guest,
the guest admin might not be aware of the ramification of running the script.
Therefore, better be cautious.

No file from the /etc/security has been needed in the past.  If any file is
needed in the future, that need will be evaluated case-by-case at that time.

diff --git a/open-vm-tools/scripts/common/vm-support b/open-vm-tools/scripts/common/vm-support
index 02abd16db33fd99de68f02948944d76d3ddcbcba..98be74c65adb33960b616d28fb347d25a4ada85d 100644 (file)
--- a/open-vm-tools/scripts/common/vm-support
+++ b/open-vm-tools/scripts/common/vm-support
@@ -1,6 +1,6 @@
 #!/bin/sh
 ##########################################################
-# Copyright (C) 2006-2018 VMware, Inc. All rights reserved.
+# Copyright (C) 2006-2019 VMware, Inc. All rights reserved.
 #
 # This program is free software; you can redistribute it and/or modify it
 # under the terms of the GNU Lesser General Public License as published
@@ -192,7 +192,6 @@ stageLinux()
    addfile /etc/cron.weekly
    addfile /etc/crontab
    addfile /etc/ntp.conf
-   addfile /etc/security
    addfile /etc/services
    addfile /proc/interrupts
    addfile /proc/irq