Ram Ganesh created CLOUDSTACK-991: ------------------------------------- Summary: system.vm.password property is visible under global configuration when categorized as 'Secure' Key: CLOUDSTACK-991 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-991 Project: CloudStack Issue Type: Task Security Level: Public (Anyone can view this level - this is the default.) Components: Doc Affects Versions: 4.1.0 Reporter: Ram Ganesh Assignee: Radhika Nair Priority: Minor Fix For: 4.1.0
-----Original Message----- From: Chiradeep Vittal [mailto:chiradeep.vit...@citrix.com] Sent: 17 January 2013 00:11 To: CloudStack DeveloperList; Chip Childers Cc: Kishan Kavala; Rajesh Battala; Chiradeep Vittal; Rohit Yadav Subject: Re: Review Request: CLOUDSTACK-822 system.vm.password is not encrypted This also needs to be documented. Can you raise a documentation issue? What about the upgrade from 4.0 case? Are we encrypting previously unencrypted passwords? On 1/16/13 10:05 AM, "Saksham Srivastava" <saksham.srivast...@citrix.com> wrote: >As Kishan pointed out on the review board , changing the category to >"Secure" will be a way out. >Secure configurations are listed whenever admin will execute >listConfiguration API , unlike Hidden configurations which do not get >listed. >If however the password is not encrypted, a management server restart >might fail whenever system.vm.random.password is set to true as CS will >try to decrypt system.vm.password . > >Thanks, >Saksham > >-----Original Message----- >From: Chip Childers [mailto:chip.child...@sungard.com] >Sent: Wednesday, January 16, 2013 8:23 PM >To: cloudstack-dev@incubator.apache.org >Cc: Saksham Srivastava; Kishan Kavala; Rajesh Battala; Chiradeep Vittal; >Rohit Yadav >Subject: Re: Review Request: CLOUDSTACK-822 system.vm.password is not >encrypted > >Can we get an answer to Chiradeep's question below before this is >committed? > >On Thu, Jan 10, 2013 at 1:49 PM, Chiradeep Vittal ><chiradeep.vit...@citrix.com> wrote: >> The question around how the cloud admin can log in to the system vm >> without visibility into the actual password needs to be resolved. Can >> the UI display the unencrypted password whenever the console is viewed? >> >> On 1/10/13 4:40 AM, "Saksham Srivastava" >> <saksham.srivast...@citrix.com> >> wrote: >> >>> >>>----------------------------------------------------------- >>>This is an automatically generated e-mail. To reply, visit: >>>https://reviews.apache.org/r/8859/ >>>----------------------------------------------------------- >>> >>>(Updated Jan. 10, 2013, 12:40 p.m.) >>> >>> >>>Review request for cloudstack and Kishan Kavala. >>> >>> >>>Changes >>>------- >>> >>>Changing the category to "Secure" instead of "Hidden" and Encrypting >>>the password. >>> >>> >>>Description >>>------- >>> >>>Parameter 'system.vm.password' is not encrypted. Need to encrypt it. >>> >>> >>>This addresses bug CLOUDSTACK-822. >>> >>> >>>Diffs (updated) >>>----- >>> >>> server/src/com/cloud/server/ConfigurationServerImpl.java b25c63f >>> >>>Diff: https://reviews.apache.org/r/8859/diff/ >>> >>> >>>Testing >>>------- >>> >>>Tested Locally. >>> >>> >>>Thanks, >>> >>>saksham srivastava >>> >> >> -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira