[
https://issues.apache.org/jira/browse/CLOUDSTACK-9099?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15080649#comment-15080649
]
ASF GitHub Bot commented on CLOUDSTACK-9099:
--------------------------------------------
Github user jburwell commented on the pull request:
https://github.com/apache/cloudstack/pull/1152#issuecomment-168570237
@DaanHoogland I complete agree with you regarding exposing credential
information. The best practice when credentials are lost is to require that
they be changed. This approach makes the access to the sensitive information
obvious to all users -- making it impossible for an attacker to hide such a
breach.
In the past, we have removed sensitive data from existing API responses.
For example, for CVE-2015-3251, we removed exposure of KVM credentials from the
[listHosts call](https://github.com/apache/cloudstack/pull/682). Therefore, as
a project, we have previously determined that security should trump API
backwards compatibility. It should most certainly be prioritized over making
the task of integration testing easier.
> SecretKey is returned from the APIs
> -----------------------------------
>
> Key: CLOUDSTACK-9099
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9099
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Reporter: Kshitij Kansal
> Assignee: Kshitij Kansal
>
> The sercreKey parameter is returned from the following APIs:
> createAccount
> createUser
> disableAccount
> disableUser
> enableAccount
> enableUser
> listAccounts
> listUsers
> lockAccount
> lockUser
> registerUserKeys
> updateAccount
> updateUser
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
