handling private user data
Gustavo Niemeyer
gustavo.niemeyer at canonical.com
Mon Sep 17 12:52:32 UTC 2012
On Mon, Sep 17, 2012 at 9:09 AM, Nick Moffitt
<nick.moffitt at canonical.com> wrote:
> Clint Byrum:
>> Juju's security model still even with ACLs shows too much trust
>> between service units. We'll have to take a look at containment as
>> juju starts to want to service more security-sensitive workloads.
>
> Are there any efforts toward implementing some sort of PKI between
> units?
We don't have isolation between units right now, but that's definitely
where we're heading to.
The case for service-bound secrets seems like very nice use case for
service configuration.
gustavo @ http://niemeyer.net
More information about the Juju
mailing list