Easily misinterpreted context - Chapter 31. Case studies: messaging in OpenStack Security Guide

Bug #1343612 reported by Shellee Aragon
This bug affects 1 person
Affects: openstack-manuals
Status: Fix Released
Importance: Medium
Assigned to: KATO Tomoyuki

Bug Description

Metaphorical use of the term horizon could lead to misinterpretation. Essentially, a reader could assume that this is referencing the Horizon (Dashboard) component of OpenStack:

There are a number of solutions on the horizon to fix this, with several proposals for message signing and encryption making their way through the OpenStack development process.

Potential revision:

There are a number of solutions anticipated in the near future, with several proposals for message signing and encryption making their way through the OpenStack development process.

Awkward wording and missing comma:
In this case Alice's controls mimic those Bob has deployed for the public cloud.

Can be written as:

In this case, the controls that Bob has deployed for his public cloud will be mimicked by Alice.

Multiple incomplete sentences:

Bob assumes that at some point infrastructure or networks underpinning the Compute service may become compromised. Due to this, he recognizes the importance of locking down access to the message queue. To do this Bob deploys his RabbitMQ servers with SSL and X.509 client auth for access control. This in turn limits the capabilities of an attacker who has compromised a system that does not have queue access.

Proposed revision:

Bob assumes the infrastructure or networks underpinning the Compute service could become compromised, therefore he recognizes the importance of hardening the system by restricting access to the message queue. In order to accomplish this task Bob deploys his RabbitMQ servers with SSL and X.509 client authorization for access control. Hardening activities assist in limiting the capabilities of a malicious user that has compromised the system by disallowing queue access, provided that this user does not have valid credentials to override the controls.

-----------------------------------
Built: 2014-07-17T19:36:00+00:00
git SHA: 5ce4ae8b6c47080541f72c178913b659a998db95
URL: http://docs.openstack.org/security-guide/content/case-studies-messaging.html
source File: file:/home/jenkins/workspace/security-doc-tox-doc-publishdocs/security-guide/ch_case-studies-messaging.xml
xml:id: case-studies-messaging

Tags: sec-guide
description: updated
Bryan D. Payne (bdpayne)
Changed in openstack-manuals:
status: New → Confirmed
importance: Undecided → Medium
OpenStack Infra (hudson-openstack) wrote : Fix proposed to security-doc (master)

Fix proposed to branch: master
Review: https://review.openstack.org/111902

Changed in openstack-manuals:
assignee: nobody → KATO Tomoyuki (kato-tomoyuki)
status: Confirmed → In Progress
OpenStack Infra (hudson-openstack) wrote : Fix merged to security-doc (master)

Reviewed: https://review.openstack.org/111902
Committed: https://git.openstack.org/cgit/openstack/security-doc/commit/?id=6fb6449b55684e4fbdf1b7932c5790948b15a58f
Submitter: Jenkins
Branch: master

commit 6fb6449b55684e4fbdf1b7932c5790948b15a58f
Author: KATO Tomoyuki <email address hidden>
Date: Tue Aug 5 13:55:40 2014 +0900

    Fix easily misinterpreted context

    Change-Id: Ied0e6abefe9956af8f3dd331be4dfc1d6d84e74b
    Closes-Bug: 1343612

Changed in openstack-manuals:
status: In Progress → Fix Released