github.com/openshift/installer uses insecure file permissions. The kubeconfig
and kubeadmin-password
files are created with world readable file missions during default installation, potentially allowing a local user to retrieve confidential information such as usernames and passwords.