stratos-dev mailing list archives

From Nirmal Fernando <nirmal070...@gmail.com>
Subject Re: agent security
Date Mon, 19 May 2014 13:26:55 GMT
On Mon, May 19, 2014 at 4:20 PM, chris snow <chsnow123@gmail.com> wrote:

> Hi Devs,
>
> Does an agent authenticate itself to Stratos?

Yes, Chris.


> If not, is it possible
> that an agent could write spoofed events to the MB?
>
> It also looks like the agent has access to the bam admin user name and
> password [1]:
>
>             -Dmonitoring.server.port=<%= @bam_port %>
>             -Dmonitoring.server.secure.port=<%= @bam_secure_port %>
>             -Dmonitoring.server.admin.username=<%= @bam_username %>
>             -Dmonitoring.server.admin.password=<%= @bam_password %>
>
> What damage could someone (e.g. a tenant) do with possession of those
> credentials?
>

We might need to encrypt them and store them on the agent's side?!

>
> Many thanks,
>
> Chris
>
>
> ---
> [1]
> https://github.com/apache/incubator-stratos/blob/master/tools/puppet3/modules/agent/templates/bin/stratos.sh.erb
>



-- 
Best Regards,
Nirmal

Nirmal Fernando.
PPMC Member & Committer of Apache Stratos,
Senior Software Engineer, WSO2 Inc.

Blog: http://nirmalfdo.blogspot.com/
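
The concern raised in this thread is that secrets reach the agent as `-D` JVM flags in the rendered start script. The following is an added example, not code from this message or from the Stratos project: a small audit that flags such properties in a launch script without echoing their values. The function name, the name pattern and the sample lines (including the `changeit` literal and `org.example.Agent`) are assumptions made for illustration.

```python
import re
import shlex

# Assumption: property names ending in these words carry secrets.
SENSITIVE = re.compile(r"(password|passwd|secret|token)$", re.IGNORECASE)
ERB_TAG = re.compile(r"<%=.*?%>")  # Puppet/ERB placeholder, e.g. <%= @bam_password %>

def find_secret_properties(script_text):
    """Return (line, property, kind) for each -Dname=value flag with a secret-looking name.

    kind is "template" (ERB placeholder, filled in when Puppet renders the file),
    "variable" (shell expansion) or "literal" (value hard-coded in the script).
    """
    findings = []
    for lineno, line in enumerate(script_text.splitlines(), 1):
        # ERB tags contain spaces, so collapse them before shell tokenizing.
        text = ERB_TAG.sub("__ERB__", line).rstrip().rstrip("\\")
        try:
            tokens = shlex.split(text, comments=True)
        except ValueError:  # unbalanced quote on this line: fall back to whitespace
            tokens = text.split()
        for tok in tokens:
            if not tok.startswith("-D") or "=" not in tok:
                continue
            name, value = tok[2:].split("=", 1)
            if not SENSITIVE.search(name):
                continue
            if "__ERB__" in value:
                kind = "template"
            elif value.startswith("$"):
                kind = "variable"
            else:
                kind = "literal"
            findings.append((lineno, name, kind))  # the value itself is never echoed
    return findings

# Constructed sample: three flags in the shape quoted in the thread, plus a made-up literal.
SAMPLE = """\
java -Dmonitoring.server.secure.port=<%= @bam_secure_port %> \\
     -Dmonitoring.server.admin.username=<%= @bam_username %> \\
     -Dmonitoring.server.admin.password=<%= @bam_password %> \\
     -Dexample.truststore.password=changeit \\
     org.example.Agent
"""

if __name__ == "__main__":
    for lineno, name, kind in find_secret_properties(SAMPLE):
        print(f"line {lineno}: -D{name} ({kind} value) is passed on the JVM command line")
```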
