On Sat, Feb 18, 2017 at 10:23 AM, Clint Byrum <cl...@fewbar.com> wrote: > But I believe Michael is not saying "it's unsafe to read the json > files" but rather "it's unsafe to read the whole config drive". It's > an ISO filesystem, so you can't write to it. You have to read the whole > contents back into a directory and regenerate it. I'm guessing Michael > is concerned that there is some danger in doing this, though I can't > imagine what it is.
Nova can be configured for config drive to be a VFAT filesystem, which can not be trusted. Unfortunately this is (was??) required for libvirt live migration to work so is likely to not be an edge case in deployments. The safest read-back approach would be to generate both ISO9660 and VFAT (if configured) and only read back from the ISO version. But yuck, two config drive images...still better than passwords in the database. dt -- Dean Troyer dtro...@gmail.com __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev