You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Wilder Rodrigues (JIRA)" <ji...@apache.org> on 2014/03/31 12:17:16 UTC
[jira] [Assigned] (CLOUDSTACK-6252) Host password is stored in the
database in the clear
[ https://issues.apache.org/jira/browse/CLOUDSTACK-6252?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Wilder Rodrigues reassigned CLOUDSTACK-6252:
--------------------------------------------
Assignee: Wilder Rodrigues
> Host password is stored in the database in the clear
> ----------------------------------------------------
>
> Key: CLOUDSTACK-6252
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6252
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Components: Management Server
> Affects Versions: Future
> Environment: Management Server running on Debian 7
> DevCloud running on XenServer 6.2
> Reporter: Wilder Rodrigues
> Assignee: Wilder Rodrigues
>
> Via the Management Server UI, when creating an advanced Zone and adding a host to it, the host password is stored in the database in the clear.
> All passwords should be encrypted before stored.
> Check details below:
> mysql> select * from host_details;
> +----+---------+----------------------------------------------------+----------------------------------------+
> | id | host_id | name | value |
> +----+---------+----------------------------------------------------+----------------------------------------+
> | 1 | 1 | product_version | 6.2.0 |
> | 2 | 1 | com.cloud.network.Networks.RouterPrivateIpStrategy | DcGlobal |
> | 3 | 1 | private.network.device | Pool-wide network associated with eth0 |
> | 4 | 1 | Hypervisor.Version | 4.1.5 |
> | 5 | 1 | Host.OS | XenServer |
> | 6 | 1 | Host.OS.Kernel.Version | 2.6.32.43-0.4.1.xs1.8.0.835.170778xen |
> | 7 | 1 | wait | 600 |
> | 8 | 1 | password | changeme |
> | 9 | 1 | url | 10.1.1.203 |
> | 10 | 1 | username | root |
> | 11 | 1 | xs620_snapshot_hotfix | false |
> | 12 | 1 | product_brand | XenServer |
> | 13 | 1 | product_version_text_short | 6.2 |
> | 14 | 1 | Host.OS.Version | 6.2.0 |
> | 15 | 1 | instance.name | VM |
> +----+---------+----------------------------------------------------+----------------------------------------+
--
This message was sent by Atlassian JIRA
(v6.2#6252)