cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ram Ganesh (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CLOUDSTACK-991) system.vm.password property is visible under global configuration when categorized as 'Secure'
Date Wed, 16 Jan 2013 19:28:13 GMT
Ram Ganesh created CLOUDSTACK-991:
-------------------------------------

             Summary: system.vm.password property is visible under global configuration when
categorized as 'Secure'
                 Key: CLOUDSTACK-991
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-991
             Project: CloudStack
          Issue Type: Task
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Doc
    Affects Versions: 4.1.0
            Reporter: Ram Ganesh
            Assignee: Radhika Nair
            Priority: Minor
             Fix For: 4.1.0



-----Original Message-----
From: Chiradeep Vittal [mailto:Chiradeep.Vittal@citrix.com] 
Sent: 17 January 2013 00:11
To: CloudStack DeveloperList; Chip Childers
Cc: Kishan Kavala; Rajesh Battala; Chiradeep Vittal; Rohit Yadav
Subject: Re: Review Request: CLOUDSTACK-822 system.vm.password is not encrypted

This also needs to be documented. Can you raise a documentation issue?
What about the upgrade from 4.0 case? Are we encrypting previously
unencrypted passwords?

On 1/16/13 10:05 AM, "Saksham Srivastava" <saksham.srivastava@citrix.com>
wrote:

>As Kishan pointed out on the review board , changing the category to
>"Secure" will be a way out.
>Secure configurations are listed whenever admin will execute
>listConfiguration API , unlike Hidden configurations which do not get
>listed.
>If however the password is not encrypted, a management server restart
>might fail whenever system.vm.random.password is set to true as CS will
>try to decrypt system.vm.password .
>
>Thanks,
>Saksham
>
>-----Original Message-----
>From: Chip Childers [mailto:chip.childers@sungard.com]
>Sent: Wednesday, January 16, 2013 8:23 PM
>To: cloudstack-dev@incubator.apache.org
>Cc: Saksham Srivastava; Kishan Kavala; Rajesh Battala; Chiradeep Vittal;
>Rohit Yadav
>Subject: Re: Review Request: CLOUDSTACK-822 system.vm.password is not
>encrypted
>
>Can we get an answer to Chiradeep's question below before this is
>committed?
>
>On Thu, Jan 10, 2013 at 1:49 PM, Chiradeep Vittal
><Chiradeep.Vittal@citrix.com> wrote:
>> The question around how the cloud admin can log in to the system vm
>> without visibility into the actual password needs to be resolved. Can
>> the UI display the unencrypted password whenever the console is viewed?
>>
>> On 1/10/13 4:40 AM, "Saksham Srivastava"
>> <saksham.srivastava@citrix.com>
>> wrote:
>>
>>>
>>>-----------------------------------------------------------
>>>This is an automatically generated e-mail. To reply, visit:
>>>https://reviews.apache.org/r/8859/
>>>-----------------------------------------------------------
>>>
>>>(Updated Jan. 10, 2013, 12:40 p.m.)
>>>
>>>
>>>Review request for cloudstack and Kishan Kavala.
>>>
>>>
>>>Changes
>>>-------
>>>
>>>Changing the category to "Secure" instead of "Hidden" and Encrypting
>>>the password.
>>>
>>>
>>>Description
>>>-------
>>>
>>>Parameter 'system.vm.password' is not encrypted. Need to encrypt it.
>>>
>>>
>>>This addresses bug CLOUDSTACK-822.
>>>
>>>
>>>Diffs (updated)
>>>-----
>>>
>>>  server/src/com/cloud/server/ConfigurationServerImpl.java b25c63f
>>>
>>>Diff: https://reviews.apache.org/r/8859/diff/
>>>
>>>
>>>Testing
>>>-------
>>>
>>>Tested Locally.
>>>
>>>
>>>Thanks,
>>>
>>>saksham srivastava
>>>
>>
>>


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message