Service passwords have predictable pattern
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
StarlingX | Fix Released | Low | Andy | |
Bug Description
Brief Description
-----------------
The services keystone user passwords have a predictable pattern (e.g., a0c4068dfbcaTi0*), which is always lowercase characters and numbers followed by "Ti0*". The passwords should be uniformly random (and with at least one uppercase, one lowercase, one number and one special character).
Severity
--------
Minor
Steps to Reproduce
------------------
- Deploy a system of any config.
- Check services passwords (keystone, sysinv, fm, sm-api, ldap, patching, etc.)
Expected Behavior
------------------
The services passwords shouldn't be in a predictable pattern.
Actual Behavior
----------------
- The services passwords in their configuration files have a predictable pattern,
the following is from /etc/sysinv/
[keystone_
username=sysinv
user_domain_
password=
Reproducibility
---------------
Reproducible
System Configuration
-------
Any
Branch/Pull Time/Commit
-------
stx master
Last Pass
---------
N/A
Timestamp/Logs
--------------
See steps to reproduce.
Test Activity
-------------
Developer Testing
Workaround
----------
N/A
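
An added example, not StarlingX code and not the fix that was released: one way to generate a service password that meets the expectation in the description, plus a check for the pattern the report describes. The length, the set of special characters and all function names are assumptions made for this example.

```python
import re
import secrets
import string

# Assumed policy values, not taken from the bug report.
LENGTH = 16
SPECIALS = "!*+-=@_"
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, SPECIALS)
ALPHABET = "".join(CLASSES)

# Pattern from the report: lowercase letters and digits, then the fixed suffix "Ti0*".
LEGACY = re.compile(r"[a-z0-9]+Ti0\*")


def has_legacy_pattern(password):
    """True if the whole password has the predictable shape from the report."""
    return LEGACY.fullmatch(password) is not None


def meets_policy(password):
    """At least one character from each class, and not the legacy shape."""
    every_class = all(any(c in cls for c in password) for cls in CLASSES)
    return every_class and not has_legacy_pattern(password)


def generate_service_password(length=LENGTH):
    """Draw every position from the full alphabet with the OS CSPRNG and
    retry until the policy holds, so accepted passwords are uniformly
    distributed over all compliant strings (no fixed suffix or positions)."""
    if length < len(CLASSES):
        raise ValueError("length too short to hold one character per class")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if meets_policy(candidate):
            return candidate


def audit(passwords):
    """Return the service names whose password still has the legacy shape."""
    return sorted(name for name, pw in passwords.items() if has_legacy_pattern(pw))


if __name__ == "__main__":
    # Constructed sample: "sysinv" uses the example string quoted in the report.
    sample = {"sysinv": "a0c4068dfbcaTi0*", "fm": generate_service_password()}
    print(audit(sample))  # services that need their password regenerated
```

Rejection sampling is used instead of appending one character per class, because a fixed suffix or fixed positions is exactly what makes the reported passwords predictable.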
Changed in starlingx:
assignee: nobody → Andy (andy.wrs)
Should be considered for stx.5.0 as it's a security concern.