[Openstack-security] [Bug 1158328] Re: passwords in config files stored in plaintext
John Griffith
1158328 at bugs.launchpad.net
Wed Sep 17 18:43:05 UTC 2014
My two cents: Agree with encrypting the password doesn't solve much....
using pluggable options to db auth is the right answer here IMO.
I don't believe this is a bug either, but a feature request. I am
certainly not discounting the importance of this feature, I'm receiving
this question more and more from customers in the field deploying
OpenStack in their internal cloud environments. Maybe we can look at
something in Kilo as a feature/enhancement.
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1158328
Title:
passwords in config files stored in plaintext
Status in Cinder:
Confirmed
Status in OpenStack Compute (Nova):
Won't Fix
Bug description:
The credentials for database conenctions and the keystone authtoken
are stored in plaintext within the nova.conf and apipaste config
files.
These values should be encrypted. A scheme similar to /etc/shadow
would be great.
To manage notifications about this bug go to:
https://bugs.launchpad.net/cinder/+bug/1158328/+subscriptions
More information about the Openstack-security
mailing list