1403310 – Infoblox passwords saved as plain text

Bug 1403310 - Infoblox passwords saved as plain text

Summary: Infoblox passwords saved as plain text

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	DHCP & DNS
Sub Component:
Version:	6.3.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium vote
Target Milestone:	Unspecified
Assignee:	Lukas Zapletal
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1402685
TreeView+	depends on / blocked

Reported:	2016-12-09 15:31 UTC by Renzo Nuccitelli
Modified:	2019-08-12 16:06 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2018-08-02 20:57:22 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Renzo Nuccitelli 2016-12-09 15:31:25 UTC

Description of problem:

Summary says it all

Version-Release number of selected component (if applicable):


How reproducible:

Always

Steps to Reproduce:
1. Run installer with infoblox parameters using password "infoblox"
2. Check passwords running:
[root@ ~]# grep password /etc/foreman-proxy/settings.d/dns_infoblox.yml 
:password: "infoblox"
[root@ ~]# grep password /etc/foreman-proxy/settings.d/dhcp_infoblox.yml 
:password: "infoblox"

Actual results:

password saved as plaintext

Expected results:

 Token authentication should be used instead (OAuth maybe) if available. Or at least passwords should be encrypted.

Additional info:

Comment 3 Bryan Kearney 2018-08-02 20:57:22 UTC

Thank you for your interest in Satellite 6. We have evaluated this request, and we do not expect this to be implemented in the product in the forseeable future. We are therefore closing this out as WONTFIX. If you have any concerns about this, please feel free to contact Rich Jerrido or Bryan Kearney. Thank you.

Note You need to log in before you can comment on or make changes to this bug.