[Openstack-security] [Bug 1158328] Re: passwords in config files stored in plaintext
Duncan Thomas
duncan.thomas at gmail.com
Wed Sep 17 16:27:46 UTC 2014
This affects cinder (and many other projects) - we'd welcome a good
solution, though I've no idea what that might be
** Also affects: cinder
Importance: Undecided
Status: New
** Changed in: cinder
Importance: Undecided => Wishlist
** Changed in: cinder
Status: New => Confirmed
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1158328
Title:
passwords in config files stored in plaintext
Status in Cinder:
Confirmed
Status in OpenStack Compute (Nova):
Won't Fix
Bug description:
The credentials for database conenctions and the keystone authtoken
are stored in plaintext within the nova.conf and apipaste config
files.
These values should be encrypted. A scheme similar to /etc/shadow
would be great.
To manage notifications about this bug go to:
https://bugs.launchpad.net/cinder/+bug/1158328/+subscriptions
More information about the Openstack-security
mailing list