Escalated privileges should be minimised

Bug #2036811 reported by Peter Matulis
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Snap
New
Undecided
Unassigned

Bug Description

My understanding is that passwordless sudo for all commands on a machine is necessary for adding that machine to the cluster. This means that one user account on all machines in the cluster can run any command on the system without the need to enter a password. Since adding a machine is a rare occurrence, and since most would also be added in a short span of time (e.g. adding 3 nodes during initial deploy) it would behoove us to remove these privileges when they are no longer required.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.