[openstack-dev] [openstack-ansible] Security hardening

Major Hayden major at mhtx.net
Thu Sep 10 21:20:31 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 09/10/2015 01:21 PM, Clint Byrum wrote:
> Just a thought from somebody outside of this. If OSAD can provide the
> automation, turned off by default as a convenience, and run a bank of
> tests with all of these turned on to make sure they do actually work with
> the stock configuration, you'll get more traction this way. Docs should
> be the focus of this effort, but the effort should be on explaining how
> it fits into the system so operators who are customizing know when they
> will have to choose a less secure path. One should be able to have code
> do the "turn it on" "turn it off" mechanics.

I'm completely in agreement on this one. ;)

- --
Major Hayden
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJV8fQcAAoJEHNwUeDBAR+x1BIP/jkq0Gd2SuPcWbMU53xADj1W
ml8VtfkJwT/gs1v8Kfd/6OWzUG6DKG+Qk3HR/uAjOUxyYAWYjLcV7aRc3EhDfHqs
8OxoXqy85hPZCiMDFy6apQOsr//5WDYnFig1RPMtHjsEPto+ewJTTMhD8cD2SNC/
/TtCWYEP7pC2pxu8kJCGtJnptGEeg0SL78/MXLjMaKhXV++yrIIyFiqFlKIb2XW9
i4wgm9TAPd6Rs27AY9ew3GFS6UVCm/9nmcw2fqSN639ukTYoLent+NGXNvNEEQ2M
6Gn1hStPS08MYj97dvYrA5aFpVz7q6Jp1GM5DAk3wPAYnrFriU4WNOTdQtzAdlQz
crs4OevM+r/3y1AMcLNmCBMIdOCMwAftjr01sGbU7fHHr2jeUM2p9q/OZkWp56CZ
0YI5Gse9KugNuKNAN8rITM4QgslJOESQu4PxNOhoKCrP+hjQ6bh6K1vVGADNplTM
qG0zD5Jhdbmv42Eud/lQrkth5+aAvZKz+gOsRauTWjbwcRLaX8qT5yBPRJEq3OO9
GhdgN3IRszlUu+TTNXv96ENROOA6DERnx2HmJtBm8EpV1vOIo5tGgsE5IUuPjqnr
BEWkosgMz+ooaLQd6hnnHm88a6WVMcbbZ4pPOywXsgDwEBzCn+rVQ+3sIVrebEdI
pxYuv/fx8oR8G3YAMsLn
=Y66T
-----END PGP SIGNATURE-----



More information about the OpenStack-dev mailing list