Comment 15 for bug 1572796

Revision history for this message
aeva black (tenbrae) wrote : Re: Complete node information available to unathenticated users, if they know MAC address of Node

Dmitry, while I agree that IPA shouldn't be using that info, I don't know what folks might be doing with downstream HardwareManagers in IPA. As this is part of the API we're currently providing, and this patch needs to be backported to stable branches, my view in developing these patches was to make the least possible change (just mask the password).

There's still a risk that someone, somewhere, has used the IPMI password in the agent, and this change will break them -- and I'm willing to accept that risk in order to close this hole.