** Description changed:
This is a tracking bug for a dependency of the juju MIR (bug #912861).
+
+ In summary: The security of the ZooKeeper on node 0 is critical. Even
+ with full ACLs this pins all of the security of the local host onto one
+ set of credentials. Users do not need to access ZooKeeper at all. An
+ iptables rule must be added as a line of defense against privilege
+ escalation by requiring that only root owned processes be allowed to
+ access ZooKeeper.
** Changed in: juju (Ubuntu Precise)
Milestone: 0.7 => None
** Changed in: juju (Ubuntu Precise)
Status: In Progress => Triaged
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/966577
Title:
add explicit egress 'owner' rule on non-bootstrapping nodes to require
root access to zookeeper
To manage notifications about this bug go to:
https://bugs.launchpad.net/juju/+bug/966577/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
