[Bugs] [Bug 1198746] Volume passwords are visible to remote users
bugzilla at redhat.com
bugzilla at redhat.com
Fri May 17 10:23:52 UTC 2019
https://bugzilla.redhat.com/show_bug.cgi?id=1198746
Amar Tumballi <atumball at redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |CLOSED
Resolution|--- |WORKSFORME
Flags|needinfo?(atumball at redhat.c |
|om) |
Last Closed| |2019-05-17 10:23:52
--- Comment #2 from Amar Tumballi <atumball at redhat.com> ---
Checked the behavior:
On a server node:
```
[root at server-node ~]# gluster system getspec demo1 | grep password
option password 423b5c4c-3457-4b14-ab67-0d4668e35c8f
```
On a separate node, which is not part of the trusted network:
```
[root at fedora28 ~]# gluster --remote-host=192.168.121.1 system getspec demo1 |
grep password
```
So, the behavior is proper, and I don't see any security threat due to this
command with latest codebase.
Marking as WORKSFORME with glusterfs-6.x.
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
More information about the Bugs
mailing list