Status: New
Owner: [email protected]
CC: [email protected], [email protected], [email protected]
Labels: Priority-Critical Milestone-Release2.12 Component-master Security
New issue 708 by [email protected]: Secret parameters written to disk in
job queue
http://code.google.com/p/ganeti/issues/detail?id=708
All secret parameters are written to disk in the job queue directory. This
violates the "secret parameters are never written to disk" invariant.
This cannot be worked around easily given how the job queue works and the
current job queue is being replaced in the first place. Once jobs are
handled through forks, the values can be kept in memory for child processes
to use.
This only affects a limited amount of jobs:
* Cluster set params
* Instance create
* Instance set params
* Instance reinstall
--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings
