yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1158328] Re: passwords in config files stored in plaintext

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Duncan Thomas <duncan.thomas@xxxxxxxxx>
Date: Wed, 17 Sep 2014 16:27:46 -0000
Reply-to: Bug 1158328 <1158328@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This affects cinder (and many other projects) - we'd welcome a good
solution, though I've no idea what that might be

** Also affects: cinder
   Importance: Undecided
       Status: New

** Changed in: cinder
   Importance: Undecided => Wishlist

** Changed in: cinder
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1158328

Title:
  passwords in config files stored in plaintext

Status in Cinder:
  Confirmed
Status in OpenStack Compute (Nova):
  Won't Fix

Bug description:
  The credentials for database conenctions and the keystone authtoken
  are stored in plaintext within the nova.conf and apipaste config
  files.

  These values should be encrypted.  A scheme similar to /etc/shadow
  would be great.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cinder/+bug/1158328/+subscriptions