Bug 1476864
Summary: | Option to encrypt the proxy password in rhsm.conf | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Brian Coca <brcoca> |
Component: | subscription-manager | Assignee: | candlepin-bugs |
Status: | CLOSED WONTFIX | QA Contact: | John Sefler <jsefler> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 7.3 | CC: | brcoca, csnyder, khowell, redakkan, skallesh, smajumda |
Target Milestone: | rc | Keywords: | FutureFeature |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-07-31 17:18:45 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Brian Coca
2017-07-31 16:19:33 UTC
This is at best obfuscation. Given that subscription-manager code is transparent, and that the user running subscription-manager would have access to rhsm.conf, as well as any information needed to decrypt the proxy password, this provides little value. I would suggest that instead, the user can chmod the rhsm.conf file appropriately in order to protect it. We're happy to help brainstorm other solutions. The needinfo request[s] on this closed bug have been removed as they have been unresolved for 120 days |