openstack
/
oslo.privsep
Code Issues Proposed changes

Update patch set 2 

Patch Set 2:

(1 comment)

Patch-set: 2
Attention: {"person_ident":"Gerrit User 36396 \u003c36396@4a232e18-c5a9-48ee-94c0-e04e7cca6543\u003e","operation":"ADD","reason":"\u003cGERRIT_ACCOUNT_9816\u003e replied on the change"}
Attention: {"person_ident":"Gerrit User 9816 \u003c9816@4a232e18-c5a9-48ee-94c0-e04e7cca6543\u003e","operation":"REMOVE","reason":"\u003cGERRIT_ACCOUNT_9816\u003e replied on the change"}
This commit is contained in:
Gerrit User 9816 2024-03-05 02:51:16 +00:00 committed by Gerrit Code Review
parent 08b2bb56c6
commit f4a694f607
1 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
463b4bf5fdaf15775269da9ed9335d259b5ef852
View File

@ -158,6 +158,30 @@
"revId": "463b4bf5fdaf15775269da9ed9335d259b5ef852",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
},
{
"unresolved": true,
"key": {
"uuid": "4e22ed25_407c9704",
"filename": "oslo_privsep/daemon.py",
"patchSetId": 2
},
"lineNbr": 499,
"author": {
"id": 9816
},
"writtenOn": "2024-03-05T02:51:16Z",
"side": 1,
"message": "\u003e it is possible that other sensitive information could be logged. For example, /etc/iscsi/iscsid.conf containing CHAP secrets). What do you think?\n\nCinder (or other services using os-brick) does not read iscsid.conf directly but read it within iscsiadm command so the content of iscsid.conf is not dumped unless iscsiadm does.\n\nThe current problem is now specific to scaleio connector and is caused by the implementation in scaleio connector which uses rootwrap to read password from scaleio config file. I wonder if that is really required. Can\u0027t we require users to add nova/cinder user to the group which has read access to the scale io config file ? I think that is much simpler approach.\n\nAnother option may be to implement a logic within os-brick to encrypt the output of get_eonnector_password and then decrypt it at _get_password_token(like b64encode/decode)",
"parentUuid": "ec697925_79e5717d",
"range": {
"startLine": 499,
"startChar": 54,
"endLine": 499,
"endChar": 75
},
"revId": "463b4bf5fdaf15775269da9ed9335d259b5ef852",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
},
{
"unresolved": true,
"key": {