Bug 1048354 - Gear movement should not require direct root login
Summary: Gear movement should not require direct root login
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: OKD
Classification: Red Hat
Component: Pod
Version: 1.x
Hardware: All
OS: Linux
unspecified
medium
Target Milestone: ---
: ---
Assignee: Abhishek Gupta
QA Contact: libra bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-01-03 19:50 UTC by Trevor Vaughan
Modified: 2017-05-31 18:22 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-05-31 18:22:11 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Trevor Vaughan 2014-01-03 19:50:20 UTC
Description of problem:

The ability to move gears via rsync requires direct root access to systems. Per most published security guides, this is to be disabled and sudo to be used instead.

Request that rsync movement be able to be used via an account other than root.

Version-Release number of selected component (if applicable):

All

How reproducible:

Disable direct root login, attempt to move a gear.

Actual results:

Gear movement fails.

Expected results:

Gear movement succeeds.

Comment 1 Kurt Seifried 2014-01-06 18:24:17 UTC
This issue appears to be a security feature RFE and not a security flaw or vulnerability.

Comment 2 Eric Paris 2017-05-31 18:22:11 UTC
We apologize, however, we do not plan to address this report at this time. The majority of our active development is for the v3 version of OpenShift. If you would like for Red Hat to reconsider this decision, please reach out to your support representative. We are very sorry for any inconvenience this may cause.


Note You need to log in before you can comment on or make changes to this bug.