Bug 806469
Summary: | stickshift-node.conf should only contain relevant information | | |
---|---|---|---|
Product: | OKD | Reporter: | Thomas Wiest <twiest> |
Component: | Containers | Assignee: | Krishna Raman <kraman> |
Status: | CLOSED WONTFIX | QA Contact: | libra bugs <libra-bugs> |
Severity: | low | Docs Contact: | |
Priority: | low | | |
Version: | 2.x | CC: | jhonce, jhou, kseifried, mfisher, mmcgrath, mpatel, rmillner, tkramer |
Target Milestone: | --- | Keywords: | Security, Triaged |
Target Release: | --- | | |
Hardware: | Unspecified | | |
OS: | Unspecified | | |
Fixed In Version: | | Doc Type: | Bug Fix |
Doc Text: | | Story Points: | --- |
Last Closed: | 2012-06-13 21:13:28 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | | Category: | --- |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Bug Blocks: | 767033 | | |
Description
Thomas Wiest
2012-03-23 20:51:56 UTC
Is any information in that file a security issue if the gears can see it?

Mike, Tim, Dan, Krishna and I discussed this and it was determined that even if the information wasn't immediately dangerous for gears to see, this should still be moved out because:

1) the principle of least privilege (why show users data that they don't need to see, that may be exploitable either now or in the future)
2) since the file used to be private, developers may add sensitive information to the file in the future without knowing the implications.

Mike or Tim can probably give more reasons.

Please review https://rally1.rallydev.com/#/4670516379d/detail/userstory/6693533935 to ensure the sensitive information in question is being secured.

Cartridges are using too many variables to make this change worth while. User story deleted.