Guestagent config leaks rabbit password
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| OpenStack DBaaS (Trove) | Invalid | Undecided | Unassigned | |
| OpenStack Security Advisory | Won't Fix | Undecided | Unassigned | |
Bug Description
A running guest VM has the guestagent service running. Included in this is the trove-guestagent
It is pretty easy to extract this as an unprivileged user: given that the guest image is publicly available, it can be downloaded and (if needed) converted to raw and mounted. From this either:
- the config can be immediately read if the guestagent is pre-installed, or
- the rsync command and the IP + location of the config files can be gleaned from the init script.
In the second case it is then pretty easy to boot a VM on the appropriate network and rsync the config files using the above gleaned command(s) as required (e.g. add keys to the previously downloaded Trove guest image, upload it to Glance, then run it directly from Nova and ssh in...).
I'm thinking that we need to set up the guestagent so it does *not* need to know this level of detail about the inner workings of OpenStack.
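One way to check a downloaded guest image for the leak described above, as an added example that is not part of the bug report or of Trove's own code: it assumes the image has already been converted to raw and mounted (or extracted) at some root directory, and that the guestagent config lives under etc/trove/ in oslo.config INI syntax. The option names transport_url, rabbit_userid and rabbit_password are real oslo.messaging options; the generic "password" key, the etc/trove path and the sample config file it scans are assumptions constructed here for illustration.

```python
"""Check a mounted Trove guest image tree for leaked message-bus credentials.

Added example; not the bug report's or Trove's own code. It assumes the
image has already been converted to raw and mounted (or extracted) at some
root directory, and that the guestagent config lives under etc/trove/ in
oslo.config INI syntax. The sample image tree built below is constructed.
"""

import configparser
import os
import tempfile

# transport_url / rabbit_userid / rabbit_password are real oslo.messaging
# option names; "password" is a generic catch-all added as an assumption.
SENSITIVE_KEYS = {"transport_url", "rabbit_password", "rabbit_userid", "password"}

# Where to look inside the mounted image root (assumption about the layout).
CONFIG_DIRS = ("etc/trove",)


def find_config_files(root, relative_dirs=CONFIG_DIRS):
    """Return every *.conf file under the given dirs inside the image root."""
    found = []
    for rel in relative_dirs:
        for dirpath, _dirs, files in os.walk(os.path.join(root, rel)):
            for name in sorted(files):
                if name.endswith(".conf"):
                    found.append(os.path.join(dirpath, name))
    return found


def creds_from_transport_url(url):
    """Split an oslo transport_url into (user, password, host:port) tuples.

    Handles the comma-separated multi-host form, which urlsplit() mangles.
    """
    _scheme, sep, rest = url.partition("://")
    netloc = (rest if sep else url).split("/", 1)[0]
    creds = []
    for hostpart in netloc.split(","):
        userinfo, _, hostport = hostpart.rpartition("@")
        user, _, password = userinfo.partition(":")
        creds.append((user or None, password or None, hostport))
    return creds


def scan_config(path):
    """Return (section, key, exposed value) findings for one INI config file.

    default_section is renamed so [DEFAULT] is parsed as an ordinary section
    instead of being merged into every other section, which would otherwise
    report the same leaked value once per section.
    """
    cp = configparser.ConfigParser(interpolation=None, strict=False,
                                   default_section="__no_default__")
    cp.read(path)
    findings = []
    for section in cp.sections():
        for key, value in cp.items(section):
            if key not in SENSITIVE_KEYS or not value:
                continue
            if key == "transport_url":
                # Only the credential-bearing part of the URL is a finding.
                for user, password, hostport in creds_from_transport_url(value):
                    if password:
                        findings.append((section, key, f"{user}:{password}@{hostport}"))
            else:
                findings.append((section, key, value))
    return findings


def scan_image_root(root):
    """Map each config file under the image root to its credential findings."""
    results = {}
    for path in find_config_files(root):
        findings = scan_config(path)
        if findings:
            results[path] = findings
    return results


def build_sample_image_root():
    """Create a constructed stand-in for a mounted guest image; return its root."""
    root = tempfile.mkdtemp(prefix="trove-guest-")
    conf_dir = os.path.join(root, "etc", "trove")
    os.makedirs(conf_dir)
    with open(os.path.join(conf_dir, "trove-guestagent.conf"), "w") as fh:
        fh.write(
            "[DEFAULT]\n"
            "transport_url = rabbit://guest:s3cr3t@10.0.0.5:5672/\n"
            "log_dir = /var/log/trove\n"
            "\n"
            "[oslo_messaging_rabbit]\n"
            "rabbit_userid = guest\n"
            "rabbit_password = s3cr3t\n"
        )
    return root


if __name__ == "__main__":
    for path, findings in scan_image_root(build_sample_image_root()).items():
        for section, key, exposed in findings:
            print(f"{path}: [{section}] {key} = {exposed}")
```

Point `scan_image_root()` at the mount point of the converted raw image instead of the constructed tree to run the same check on a real guest image; any finding means the bus credentials ship inside an artifact that anyone able to fetch the image can read.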
Changed in trove:
assignee: nobody → Amrith (amrith)

Changed in ossa:
status: Incomplete → Won't Fix
information type: Private Security → Public Security
tags: added: security

Changed in trove:
status: New → Invalid
assignee: Amrith Kumar (amrith) → nobody
I note a number of us have mentioned this issue (or parts of it) on the mailing list... in hindsight we probably should have filed one of these first, but I suspect most of us figured that we were simply mistaken.