On 17/04/19 12:09 -0500, Ken Gaillot wrote:
> Without the patches, a mitigation is to prevent local user access to
> cluster nodes except for cluster administrators (which is the
> recommended and most common deployment model).
Not trying to artificially amplify the risk in response to the above,
Hello all,
Jan Pokorný of Red Hat discovered three security-related issues in
Pacemaker that have been publicly disclosed today.
The most significant is a privilege escalation vulnerability (assigned
CVE-2018-16877). An unprivileged attacker with local access to a
pacemaker node when pacemaker is