Hi Thomas,
On Sun, Mar 31, 2019 at 12:33:45AM +0100, Thomas Goirand wrote:
> If I understand well the problem, the issue is simply that some extra
> Microsoft keys may end up being setup into an Azure Debian instance. I
> don't see this as a very "grave" security issue because:
>
> 1/ Azure users must trust Azure anyways, otherwise, they should just
> stop doing hosting there.
It's still a big difference whether Microsoft has access during the provision
phase vs. the running system (where it may contain sensitive data).
Metaphorically speaking, I'm fine with builders having access to my house
while it's under construction, but not with them having the keys once the
house is built.
> 2/ It only affects Azure users.
But Azure is an official use case, isn't it? We only recently pushed
a DSA for the Azure agent e.g.
> I'm not even sure that our image is really using cloud-init to do the
> ssh key provisioning, if I'm not mistaking, it's using the Azure agent
> to do that (can Bastian confirm this?).
I don't know, if it can be confirmed it doesn't affect Debian, when we
can close the bug, ofc.
> In any case, can we downgrade this bug to "important"? Or am I missing
> something here?
Instead of arguing over bug severities, can't we rather fix the bug?
Ubuntu fixed this already and their versions seems fairly close.
Cheers,
Moritz
