ensure that the docs explicitly caution to keep the hash path suffix secret
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenStack Object Storage (swift) |
Fix Released
|
Medium
|
Anne Gentle | ||
Bug Description
Question #156307 on OpenStack Object Storage (swift) changed:
https:/
Rostik Slipetskyy posted a new comment:
we caution deployers to keep it secret in the docs (...) The
hash_path_suffix should be kept as secret as an /etc/shadow file or the
secret key of a key pair.
I just rechecked the Administrator manual
(http://
objectstorage-
swift_hash_
"# random unique string that can never change (DO NOT LOSE)"
Maybe I have missed other places where the necessity to keep
swift_hash_
indicate it in Admin manual and also at etc/swift.
distribution. Just as a precaution measure.
| Anne Gentle (annegentle) wrote | #1 |
| Changed in swift: | |
| status: | New → Confirmed |
| assignee: | nobody → Anne Gentle (annegentle) |
| importance: | Undecided → Medium |
| Samuel Merritt (torgomatic) wrote | #2 |
| Samuel Merritt (torgomatic) wrote | #3 |
| Changed in swift: | |
| milestone: | none → 1.7.5 |
| status: | Confirmed → Fix Released |
I've changed the docs in openstack-manuals and you can also assign it to me to fix in Swift as well.