encipher or remove sensitive credentials from zookeeper
Bug #966601 reported by
Jamie Strandboge
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
juju (Ubuntu) |
Triaged
|
High
|
Unassigned | ||
Precise |
Won't Fix
|
High
|
Unassigned | ||
Quantal |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
This is a tracking bug for a dependency of the juju MIR (bug #912861).
Some of this is discussed in bug #907094, but that deals solely with AWS. Should try to remove sensitive credentials like access-key, secret-key and admin-secret from zookeeper. The should be done even if ACLs are in place in an effort to provide security in depth and guard against configuration or implementation errors in juju and/or zookeeper.
Changed in juju (Ubuntu Precise): | |
importance: | Undecided → High |
tags: | removed: rls-p-tracking |
Changed in juju (Ubuntu Quantal): | |
status: | Triaged → Won't Fix |
To post a comment you must log in.
The Precise Pangolin has reached end of life, so this bug will not be fixed for that release