On Nov 13, 2013, at 9:18 AM, Zane Bitter <zbit...@redhat.com> wrote:

> On 13/11/13 04:08, Andrew Plunk wrote:
>> Alright.
>> 
>> The problem:
>> ----------------
>> If a program generates a password, and displays it on a screen over and over 
>> again, it is more susceptible to being compromised.
> 
> OK, this is something we can work with, thanks :)
> 
>> Possible solutions:
>> ----------------
>> 1). Provide a way to limit the availability of stack outputs returned from 
>> heat.
> 
> This is IMHO a bad idea. Amongst other things it will cause chaos with nested 
> stacks in combination with the multi-region feature coming up. It's not even 
> a particularly good solution to the problem - what if the time you needed it 
> was the second, not the first? (Maybe you accidentally clicked away, or maybe 
> a connection dropped the first time.) What if you really need the password 
> again later? What if the first time you viewed it (when it really does show 
> the password) you didn't click away but just left it sitting around visible?
> 
>> 2). Provide a way to express metadata about stack outputs returned from heat.
> 
> This could involve something like a "Sensitive: true" field in the Output 
> schema. Heat would ignore it but pass it on to clients so that something like 
> the dashboard could e.g. require an extra click to show it, and hide it again 
> after a timeout.
> 
> Alternatively, as lifeless points out, you could pass the password in using a 
> hidden input. That's the currently supported way, and I suspect the better 
> one in most cases.

I mostly agree with this suggestion. For symmetry with parameters, we could 
simply add a key to outputs "hidden: true". For things like stack-list, the 
default would be to display a masked value like we do for parameters. I think 
we should then add the ability to retrieve the unmasked values for parameters 
and outputs.
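To make the "hidden: true" proposal concrete, here is an added example (not code from the thread or from Heat) of how an engine-side renderer could mask flagged outputs for listing and only return the real value on an explicit unmasked request. The `hidden` output key, the `******` mask and the template and resolved values are assumptions constructed for illustration.

```python
"""Masking of 'hidden' stack outputs, as proposed in the thread above.

Added example: the 'hidden: true' key on outputs is a proposal from the
discussion, not a Heat feature at the time of the thread. The template
fragment and the resolved values below are constructed for illustration.
"""

MASK = "******"  # assumed mask, mirroring how hidden parameters are shown

# Constructed template fragment in the style of a Heat template's outputs section.
TEMPLATE = {
    "outputs": {
        "server_ip": {"description": "Address of the instance",
                      "value": {"get_attr": ["server", "first_address"]}},
        "db_password": {"description": "Generated database password",
                        "hidden": True,
                        "value": {"get_attr": ["db", "password"]}},
    }
}

# Constructed resolved values, as the engine would hold them after a create.
RESOLVED = {"server_ip": "10.0.0.12", "db_password": "s3cr3t-Generated"}


def render_outputs(template, resolved, show_hidden=False):
    """Build the list of output dicts handed to clients.

    Outputs flagged hidden are masked unless the caller explicitly asked
    for unmasked values (the separate retrieval path suggested above).
    The hidden flag is always passed through, so a dashboard can treat the
    field specially (extra click to reveal, hide again after a timeout)
    without needing to know anything about the value itself.
    """
    result = []
    for key, spec in template.get("outputs", {}).items():
        hidden = bool(spec.get("hidden", False))
        value = resolved.get(key)
        if hidden and not show_hidden:
            value = MASK  # never let the real value reach a plain listing
        result.append({
            "output_key": key,
            "description": spec.get("description", ""),
            "output_value": value,
            "hidden": hidden,
        })
    return result


if __name__ == "__main__":
    for out in render_outputs(TEMPLATE, RESOLVED):
        print(out["output_key"], "=", out["output_value"])
```

The unmasked path (`show_hidden=True`) is the one place a real secret leaves the engine, so it is the natural point to require a separate policy check and an audit log entry.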

> 
> cheers,
> Zane.
>> 
>> ________________________________________
>> From: Clint Byrum [cl...@fewbar.com]
>> Sent: Tuesday, November 12, 2013 8:46 PM
>> To: openstack
>> Subject: Re: [Openstack] [Heat] Locked Outputs
>> 
>> Excerpts from Andrew Plunk's message of 2013-11-12 17:24:25 -0800:
>>> Thanks for reiterating that Zane. The problem I have is I want to display 
>>> generated passwords once, and only once in a ui. I want the ability to flag 
>>> or conditionally display outputs based on conditions.
>>> 
>> 
>> A problem is stated with a cause and an effect "Users may lose control of
>> the UI after the first time outputs are displayed, leading to credential
>> compromise".
>> 
>> Another example: "English encourages use of overloaded terms which
>> can be ambiguous, requiring multiple iterations to communicate ideas
>> effectively."
>> 
>> Solution: "I want to define terms more clearly before using them in
>> sentences."
>> 
>> "I want to ..." is a _solution_.
>> 
>> Maybe we can try one more time?
>> 
>> _______________________________________________
>> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to     : openstack@lists.openstack.org
>> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
