Glance

glance-scrubber marker files contain keys in plain text

Bug #1112586 reported by Paul Bourke
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Glance
Fix Released
Medium
Paul Bourke
Glance grizzly-3 "g3"
Grizzly
Fix Released
Medium
Paul Bourke
Glance 2013.1 "grizzly"

Bug Description

When using delayed delete, files written to the scrubber's datadir contain auth keys in plain text when using Swift as a backend.

OpenStack Infra (hudson-openstack)
Changed in glance:
assignee: nobody → Paul Bourke (pauldbourke)
status: New → In Progress
Brian Waldon (bcwaldon)
Changed in glance:
importance: Undecided → Medium
milestone: none → grizzly-3
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to glance (master)

Reviewed: https://review.openstack.org/20993
Committed: http://github.com/openstack/glance/commit/cb272bbfc9fd837652b65c39fb2505074612df95
Submitter: Jenkins
Branch: master

commit cb272bbfc9fd837652b65c39fb2505074612df95
Author: Paul Bourke <email address hidden>
Date: Fri Feb 1 12:03:38 2013 +0000

    Encrypt scrubber marker files

    Files written to scrubber_datadir can contain credentials in plain text.

    Update schedule_delayed_delete_from_backend to make use of
    metadata_encryption_key to encrypt the uri before writing it out.

    Fixes LP Bug #1112586

    Change-Id: I03ff36f6b57f58a5e5de28bf8d48e7ce0216e5b3

Changed in glance:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in glance:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.