Instance root-password is logged in plain-text
Bug #920687 reported by
Rick Harris
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
High
|
Rick Harris | ||
Diablo |
Fix Released
|
Undecided
|
Russell Bryant |
Bug Description
nova.rpc is logging the dict that is passed to the compute worker which contains the key `new_pass` that has the instance-
The proposed fix is to sanitize the dictionary before logging and replacing the value with something like '<PASSWORD>'.
Changed in nova: | |
assignee: | nobody → Rick Harris (rconradharris) |
importance: | Undecided → High |
status: | New → In Progress |
Changed in nova: | |
milestone: | none → essex-3 |
status: | Fix Committed → Fix Released |
Changed in nova: | |
milestone: | essex-3 → 2012.1 |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/3328
Review: https:/