openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #04221
Messaging level auth
-
To:
openstack <openstack@xxxxxxxxxxxxxxxxxxx>
-
From:
Joshua Harlow <harlowja@xxxxxxxxxxxxx>
-
Date:
Wed, 21 Sep 2011 14:20:48 -0700
-
Accept-language:
en-US
-
Acceptlanguage:
en-US
-
Thread-index:
Acx4pFTTRMDxx9LKRkm1HX7FPiQsIg==
-
Thread-topic:
Messaging level auth
A quick security question.
Is there any plan to force authentication/authorization of the rabbitmq messages?
Right now it seems like keystone (tbd) will protect the external<->openstack layers but what about the openstack<->openstack layers.
If someone got access to the rabbitmq it seems like without this kind of layer bad things could happen (create me 1000 nodes...).
Has there been any thought in that area?
-Josh
Follow ups
