all juju instances (in one environment) use the same credentials for zookeeper, preventing admin acl restrictions

Bug #916057 reported by Robert Collins
This bug affects 1 person
Affects Status Importance Assigned to Milestone

Bug Description

This is a note of a discussion Jim Baker and I had.

I was asking about ways to mitigate bug 804203 and bug 907094 - perhaps by having a charm that applies a policy specific to me to zookeeper: lock out other nodes from changing things they should not, and from reading things that they should not.

Doing this as a charm would allow the core to remain pretty ignorant, while folk could experiment with different policies.

But the key thing to enable this is for different machines to have different accounts in zookeeper, otherwise such a policy cannot be selective about what-can-see-what.

Tags: security
summary: all juju instances (in one environment) use the same credentials for
- zookepeper, preventing admin acl restrictions
+ zookeeper, preventing admin acl restrictions
Revision history for this message
Clint Byrum (clint-fewbar) wrote :

This bug is, at the very least, related to, if not a duplicate of, bug #804203

tags: added: security
Changed in juju:
status: New → Triaged
importance: Undecided → High
Changed in juju:
milestone: none → 0.8
Curtis Hovey (sinzui)
Changed in juju:
importance: High → Low
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.