encipher or remove sensitive credentials from zookeeper

Bug #966601 reported by Jamie Strandboge on 2012-03-27
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
juju (Ubuntu)
High
Unassigned
Precise
High
Unassigned
Quantal
Undecided
Unassigned

Bug Description

This is a tracking bug for a dependency of the juju MIR (bug #912861).

Some of this is discussed in bug #907094, but that deals solely with AWS. Should try to remove sensitive credentials like access-key, secret-key and admin-secret from zookeeper. The should be done even if ACLs are in place in an effort to provide security in depth and guard against configuration or implementation errors in juju and/or zookeeper.

Changed in juju (Ubuntu Precise):
importance: Undecided → High
tags: removed: rls-p-tracking
Changed in juju (Ubuntu Quantal):
status: Triaged → Won't Fix
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers