[Openstack] [Heat] Locked Outputs

Andrew Plunk andrew.plunk at RACKSPACE.COM
Wed Nov 13 03:08:41 UTC 2013


The problem:
If a program generates a password, and displays it on a screen over and over again, it is more susceptible to being compromised.

Possible solutions:
1).Provide a way to limit the availability of stack outputs returned from heat.
2).Provide a way to express metadata about stack outputs returned from heat.

From: Clint Byrum [clint at fewbar.com]
Sent: Tuesday, November 12, 2013 8:46 PM
To: openstack
Subject: Re: [Openstack] [Heat] Locked Outputs

Excerpts from Andrew Plunk's message of 2013-11-12 17:24:25 -0800:
> Thanks for reiterating that Zane. The problem I have is I want to display generated passwords once, and only once in a ui. I want the ability to flag or conditionally display outputs based on conditions.

A problem is stated with a cause and an effect "Users may lose control of
the UI after the first time outputs are displayed, leading to credential

Another example: "English encourages use of overloaded terms which
can be ambiguous, requiring multiple iterations to communicate ideas

Solution: "I want to define terms more clearly before using them in

"I want to ..." is a _solution_.

Maybe we can try one more time?

Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to     : openstack at lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

More information about the Openstack mailing list