encipher or remove sensitive credentials from zookeeper

Bug #966601 reported by Jamie Strandboge
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
juju (Ubuntu)
Triaged
High
Unassigned
Precise
Won't Fix
High
Unassigned
Quantal
Won't Fix
Undecided
Unassigned

Bug Description

This is a tracking bug for a dependency of the juju MIR (bug #912861).

Some of this is discussed in bug #907094, but that deals solely with AWS. Should try to remove sensitive credentials like access-key, secret-key and admin-secret from zookeeper. The should be done even if ACLs are in place in an effort to provide security in depth and guard against configuration or implementation errors in juju and/or zookeeper.

Changed in juju (Ubuntu Precise):
importance: Undecided → High
tags: removed: rls-p-tracking
Changed in juju (Ubuntu Quantal):
status: Triaged → Won't Fix
Revision history for this message
Steve Langasek (vorlon) wrote :

The Precise Pangolin has reached end of life, so this bug will not be fixed for that release

Changed in juju (Ubuntu Precise):
status: Triaged → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.