change account_autocreate to default to true

Bug #1629711 reported by John Dickinson on 2016-10-02
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Object Storage (swift)
Cheng Li

Bug Description

"account_autocreate = true" is more common than the default false setting, and leaving it at false makes new deployments harder for people that are just getting started. We should change the default.

Cheng Li (shcli) on 2016-10-12
Changed in swift:
assignee: nobody → Cheng Li (shcli)

Fix proposed to branch: master

Changed in swift:
status: Confirmed → In Progress
Janie Richling (jrichli) wrote :

I think this is a good idea. My only concern is about current deployments that may be tight on security and are currently depending on the default being not to auto create accounts. Would it be enough to simply point it out in the changelog?

clayg (clay-gerrard) wrote :

maybe, probably, or not...

we could definately make it required? I do sorta doubt that anyone is using the default w/o calling it out explicitly - because stuff is so broken w/o it - most deployments probably have it explicitly set to true in their configs and wouldn't even notice if we required it.

but I'm not sure I wouldn't go for just changing it - it's not really a security thing - it's just a provisioning workflow - you can have a valid auth token but not use the service because a reselleradmin didn't put your account - nobodies auth systems work like that?

OTOH, just making it required is 100% safe, and give us the option to relax with a different default down the road.

Janie Richling (jrichli) wrote :

Thanks for the perspective. I like your idea of making it required. Some systems are a little funny when it comes to security, and they judge the rules at every layer that would need to be breached when evaluating strength of security.

Janie Richling (jrichli) wrote :

After talking with some people at work, and talking more with Clay and learning more about "account_autocreate" and "allow_account_management" in general, I no longer think this setting could be considered a security layer. If we did change to require the setting, then some deployments would have to add that - when they might not mind the change in behavior. And most likely if you specifically cared not to autocreate, then you'd prob have it set. Sounds like a very low chance we'd want to change the default down the road. Perhaps it is best to simply change the default.

Cheng Li (shcli) wrote :

Agree with you of simply changing the default. Not to my knowledge, many company check the changelog before upgrade.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers