Comment 1 for bug 1270434
Revision history for this message
| John A Meinel (jameinel) wrote Re: [Bug 1270434] Re: mongodb admin password no longer admin-secret on trunk | #1 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2014-01-21 18:25, Curtis Hovey wrote:
> ** Changed in: juju-core Status: New => Triaged
>
> ** Changed in: juju-core Importance: Undecided => High
>
> ** Changed in: juju-core Milestone: None => 1.17.1
>
> ** Tags added: api regression
>
> ** Tags added: security
>
I do believe it is intended that:
1) The admin-secret will become the actual password on Mongo
*but*
2) We will remove direct access to the MongoDB port outside of the
local network. (In 1.20, once the Juju CLI no longer uses it in 1.18.)
If you have specific needs for it to be exposed, we should get those
outlined, because we currently consider it a security vulnerability
that we expose MongoDB directly.
John
=:->
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (Cygwin)
Comment: Using GnuPG with Thunderbird - http://
iEYEARECAAYFAlL
5RMAoMmykbfpHtg
=oLjo
-----END PGP SIGNATURE-----