Juju newbie questions

Thomas Leonard tal at it-innovation.soton.ac.uk
Mon Jun 25 09:06:47 UTC 2012


Hi Kapil,

That's useful to know. Is there a document somewhere describing the security 
model (e.g. what kinds of deployments should be safe)? A diagram showing the 
various components (juju client, ZooKeeper, etc) and how they communicate 
would be useful.

As I understand it so far:

- ZooKeeper must not run on a machine with any untrusted users/software
- Attackers must not have access to ZooKeeper's port
- Deployed VMs must have access to ZooKeeper

Does this mean that all VMs in one Juju environment are considered to be 
equally trusted?

For example, if I deploy a web service and a logging service, can I rely on 
the security features of the logging service to prevent an attacker who 
compromises the web service from deleting the logs? Or, would getting 
control of the web service VM automatically allow the attacker to compromise 
the logger VM too?

Thanks,


On 2012-06-23 03:19, c Thangavelu wrote:
> True, that is also an issue for host based attacks against the local
> provider. zk is listening on the bridge address so it's not accessible
> remotely but the randomized open port provides no protection against a
> malicious local attacker. I agree the reality check is local provider isn't
> safe for a multi-user host if there is malicious intent.
>
> cheers,
>
> Kapil
>
> On Fri, Jun 22, 2012 at 3:32 PM, Clint Byrum <clint at ubuntu.com> wrote:
>
>     Excerpts from Kapil Thangavelu's message of 2012-06-22 10:20:55 -0700:
>      > On Fri, Jun 22, 2012 at 10:53 AM, Robbie Williamson <robbie at ubuntu.com> wrote:
>      >
>      > > (cross-posting to main juju list)
>      > >
>      > > On 06/22/2012 03:44 AM, Thomas Leonard wrote:
>      > > > Hi all,
>      > > >
>      > > > I'm evaluating Juju as a way to deploy and manage some of our services.
>      > > > From the About page, it sounds like just what we're looking for. I read
>      > > > quite a bit of the documentation and made a test installation, but I
>      > > > have a few questions:
>      > > >
>      > > > - I deployed using the "local" LXC type (using Juju from 12.04). This
>      > > > uses virbr0, which means the services aren't accessible from other
>      > > > machines. Is there a way to change this? I had a look at the code, but
>      > > > it was also hard-coding 192.168.122 in various places.
>      > > >
>      > > > - Juju doesn't say much about security. I found an interesting issue.
>      > > > Can security bugs be discussed here on the list, or should they be
>      > > > reported privately?
>      > > We prefer you report them via our launchpad tool. Assuming you are
>      > > running 12.04 (Precise Pangolin), you can open a bug here:
>      > > https://bugs.launchpad.net/ubuntu/precise/+source/juju/+filebug
>      > > After filling in the description, there is a section where you can
>      > > change the bug from "Public" to "Embargoed Security" (right above the
>      > > Submit button). This will keep the info open to only you and our juju
>      > > development and security teams.
>      >
>      >
>      > Thanks for reporting the issue. It's been fixed on trunk and packages are
>      > rolling out to respective releases over the next few days. It's specific to
>      > the local provider and not remotely accessible. The only applicable
>      > scenario where it's a problem is a multi-user system using local provider.
>
>     Which isn't really a problem at all because these systems are also
>     vulnerable to attack via the Zookeeper port which, while randomized,
>     has no authentication.

-- 
Dr Thomas Leonard
IT Innovation Centre
Gamma House, Enterprise Road,
Southampton SO16 7NS, UK


tel: +44 23 8059 8866

mailto:tal at it-innovation.soton.ac.uk
http://www.it-innovation.soton.ac.uk/


