[openstack-dev] [fuel][plugins]Security problem in Fuel 7.0

Alexey Elagin aelagin at mirantis.com
Mon Dec 7 16:36:12 UTC 2015


Hello all,

We have a security problem in Fuel 7.0. It's related to plugin
development and allows executing code in the mcollective docker container
on the Fuel master node. Any Fuel plugin may contain a yaml file with
deployment tasks (tasks.yaml, deployment_tasks.yaml etc) and there is
an ability to run some code on a node with role "master". It's also
possible to connect to any target node via ssh without a password from
within the container.

As I understood, it was made to simplify some deployment cases. I see
some steps for resolving this situation:
 1. Fuel team should disallow execution of any puppet manifests or bash
    code on nodes with master role.
 2. Append the Fuel documentation. Notify users about this security
    issue.

What do you think about it? What deployment cases which require
execution of code on role "master" do you know?

-- 
Best regards,
 Alexey
 Deployment Engineer
 Mirantis, Inc
 Cell: +7 (968) 880 2288
 Skype: shikelbober
 Slack: aelagin
 mailto:aelagin at mirantis.com
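
Added example (not part of the original message and not Fuel's own code): one way to review a plugin before installing it is to list every task in its tasks.yaml or deployment_tasks.yaml that runs shell or puppet code on role "master". The task schema, the parameter keys, the function names and the sample tasks are assumptions made for this illustration.

```python
# Assumed task schema (not taken from the message): each task is a mapping with
# "role" (string or list), "type", optional "id" and "parameters".
import sys

CODE_TYPES = {"shell", "puppet"}  # task types that run bash or puppet code
MASTER_ROLE = "master"

def roles_of(task):
    """Return the task's roles as a set; 'role' may be a string or a list."""
    role = task.get("role") or []
    return {role} if isinstance(role, str) else {str(r) for r in role}

def master_code_tasks(tasks, source="<tasks>"):
    """Return one finding per task that executes code on role 'master'."""
    findings = []
    for index, task in enumerate(tasks or []):
        if not isinstance(task, dict):
            continue  # skip malformed entries instead of crashing the review
        if MASTER_ROLE in roles_of(task) and task.get("type") in CODE_TYPES:
            params = task.get("parameters") or {}
            findings.append({"source": source, "task": task.get("id", "#%d" % index),
                             "type": task["type"],
                             "runs": params.get("cmd") or params.get("puppet_manifest")})
    return findings

def audit_file(path):
    """Parse one plugin task file (requires PyYAML) and audit its tasks."""
    import yaml
    with open(path) as fh:
        return master_code_tasks(yaml.safe_load(fh), source=path)

# Constructed sample: tasks as they would look after parsing a plugin's yaml.
SAMPLE_TASKS = [
    {"role": ["controller"], "stage": "post_deployment", "type": "shell",
     "parameters": {"cmd": "./deploy.sh", "timeout": 42}},
    {"role": "master", "stage": "pre_deployment", "type": "shell",
     "parameters": {"cmd": "./prepare.sh", "timeout": 60}},
    {"id": "configure-master", "role": ["master"], "type": "puppet",
     "parameters": {"puppet_manifest": "site.pp", "puppet_modules": "."}},
]

if __name__ == "__main__":
    paths = sys.argv[1:]
    results = ([f for p in paths for f in audit_file(p)] if paths
               else master_code_tasks(SAMPLE_TASKS, "sample"))
    for f in results:
        print("%(source)s: task %(task)s runs %(type)s code on master: %(runs)s" % f)
    sys.exit(1 if results else 0)  # non-zero exit lets a review pipeline block the plugin
```

Run with the plugin's task files as arguments; without arguments it audits the constructed sample.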
