[Bug 966601] [NEW] encipher or remove sensitive credentials from zookeeper

Jamie Strandboge jamie at ubuntu.com
Tue Mar 27 20:56:10 UTC 2012


Public bug reported:

This is a tracking bug for a dependency of the juju MIR (bug #912861).

Some of this is discussed in bug #907094, but that deals solely with
AWS. Should try to remove sensitive credentials like access-key, secret-
key and admin-secret from zookeeper. The should be done even if ACLs are
in place in an effort to provide security in depth and guard against
configuration or implementation errors in juju and/or zookeeper.

** Affects: juju (Ubuntu)
     Importance: Undecided
         Status: Triaged

** Affects: juju (Ubuntu Precise)
     Importance: Undecided
         Status: Triaged

** Affects: juju (Ubuntu Q-series)
     Importance: Undecided
         Status: Triaged


** Tags: rls-p-tracking

** Also affects: juju (Ubuntu Precise)
   Importance: Undecided
       Status: Triaged

** Also affects: juju (Ubuntu Q-series)
   Importance: Undecided
       Status: New

** Changed in: juju (Ubuntu Q-series)
       Status: New => Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to juju in Ubuntu.
https://bugs.launchpad.net/bugs/966601

Title:
  encipher or remove sensitive credentials from zookeeper

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/juju/+bug/966601/+subscriptions



More information about the Ubuntu-server-bugs mailing list