Ram Ganesh created CLOUDSTACK-991:
-------------------------------------

             Summary: system.vm.password property is visible under global configuration when categorized as 'Secure'
                 Key: CLOUDSTACK-991
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-991
             Project: CloudStack
          Issue Type: Task
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Doc
    Affects Versions: 4.1.0
            Reporter: Ram Ganesh
            Assignee: Radhika Nair
            Priority: Minor
             Fix For: 4.1.0



-----Original Message-----
From: Chiradeep Vittal [mailto:chiradeep.vit...@citrix.com] 
Sent: 17 January 2013 00:11
To: CloudStack DeveloperList; Chip Childers
Cc: Kishan Kavala; Rajesh Battala; Chiradeep Vittal; Rohit Yadav
Subject: Re: Review Request: CLOUDSTACK-822 system.vm.password is not encrypted

This also needs to be documented. Can you raise a documentation issue?
What about the upgrade from 4.0 case? Are we encrypting previously
unencrypted passwords?

On 1/16/13 10:05 AM, "Saksham Srivastava" <saksham.srivast...@citrix.com>
wrote:

>As Kishan pointed out on the review board, changing the category to
>"Secure" will be a way out.
>Secure configurations are listed whenever the admin executes the
>listConfiguration API, unlike Hidden configurations, which do not get
>listed.
>If, however, the password is not encrypted, a management server restart
>might fail whenever system.vm.random.password is set to true, as CS will
>try to decrypt system.vm.password.
>
>Thanks,
>Saksham
>
>-----Original Message-----
>From: Chip Childers [mailto:chip.child...@sungard.com]
>Sent: Wednesday, January 16, 2013 8:23 PM
>To: cloudstack-dev@incubator.apache.org
>Cc: Saksham Srivastava; Kishan Kavala; Rajesh Battala; Chiradeep Vittal;
>Rohit Yadav
>Subject: Re: Review Request: CLOUDSTACK-822 system.vm.password is not
>encrypted
>
>Can we get an answer to Chiradeep's question below before this is
>committed?
>
>On Thu, Jan 10, 2013 at 1:49 PM, Chiradeep Vittal
><chiradeep.vit...@citrix.com> wrote:
>> The question around how the cloud admin can log in to the system vm
>> without visibility into the actual password needs to be resolved. Can
>> the UI display the unencrypted password whenever the console is viewed?
>>
>> On 1/10/13 4:40 AM, "Saksham Srivastava"
>> <saksham.srivast...@citrix.com>
>> wrote:
>>
>>>
>>>-----------------------------------------------------------
>>>This is an automatically generated e-mail. To reply, visit:
>>>https://reviews.apache.org/r/8859/
>>>-----------------------------------------------------------
>>>
>>>(Updated Jan. 10, 2013, 12:40 p.m.)
>>>
>>>
>>>Review request for cloudstack and Kishan Kavala.
>>>
>>>
>>>Changes
>>>-------
>>>
>>>Changing the category to "Secure" instead of "Hidden" and Encrypting
>>>the password.
>>>
>>>
>>>Description
>>>-------
>>>
>>>Parameter 'system.vm.password' is not encrypted. Need to encrypt it.
>>>
>>>
>>>This addresses bug CLOUDSTACK-822.
>>>
>>>
>>>Diffs (updated)
>>>-----
>>>
>>>  server/src/com/cloud/server/ConfigurationServerImpl.java b25c63f
>>>
>>>Diff: https://reviews.apache.org/r/8859/diff/
>>>
>>>
>>>Testing
>>>-------
>>>
>>>Tested Locally.
>>>
>>>
>>>Thanks,
>>>
>>>saksham srivastava
>>>
>>
>>


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
