On 07/24/2015 05:10 AM, Thierry Carrez wrote:
Adam Young wrote:
[...]
There should be no "Global Admin Tokens." They are a security risk,
and violate the principal of Least Privilege.
https://en.wikipedia.org/wiki/Principle_of_least_privilege.
Thanks for taking on this long-standing issue.
Should we have some cross-project spec to scope the work needed in the
various projects and track overall acceptance of the plan ?
Yes, the is appropriate:
https://review.openstack.org/#/c/205629/
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: [email protected]?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
