On Mon, Feb 10, 2014 at 05:42:08PM +0100, Thomas Biege wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi, > are there plans to rename the eventlet_backdoor.py module used in the > OpenStack code at various places? > > The naming is bad and creates the impression that a backdoor is in > OpenStack. In the current situation it might be an issue the > press/blogs are waiting for. > > Even if renamed the openstack documentation should make it very clear > what happens if the admins switches on this option. > > What do you think? NB if you enable this feature you basically *have* setup a backdoor into the app for anyone who can connect to the nominated TCP port. So in that sense this is actually accurately named and should serve to discourage any deployers from enabling it without considering the consequences. Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|