Ubuntu

implement full explicit ingress filtering on non-Local provider bootstrapping node

Reported by Jamie Strandboge on 2012-03-27
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
juju (Ubuntu)
High
Unassigned
Precise
High
Unassigned

Bug Description

This is a tracking bug for a dependency of the juju MIR (bug #912861).

This is different from bug #966558 in that this bug implements explicit full ingress filtering on the bootstrapping node. This helps ensure that services started on the bootstrapping node can't be trampolined to more privileged juju access. Access might be something like:
 * allow ping and 22/tcp from anywhere
 * allow only ping, 22/tcp and 2181/tcp (zookeeper) from deployed nodes

Changed in juju (Ubuntu Precise):
importance: Undecided → High
Changed in juju (Ubuntu):
milestone: precise-updates → none
tags: removed: rls-p-tracking
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers