Was noticing that not much was happening with https://github.com/xcat2/xcat-core/issues/7246 [https://opengraph.githubassets.com/04aa8dfcf26704c37d9fd11140249003ac8322df3872134b416d5c9df4fa2fef/xcat2/xcat-core/issues/7246]<https://github.com/xcat2/xcat-core/issues/7246> Unsufficient check in credentials.pm · Issue #7246 · xcat2/xcat-core<https://github.com/xcat2/xcat-core/issues/7246> Hi, I recognize that one can request the ssh_root_key's of every zone from every client independently of its zone affiliation by a simple script using getcredentials.awk and allowcred.awk. This... github.com
It's a pretty significant break, effectively ssh zones don't actually enforce security as is.
_______________________________________________ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user
