Tom, on second thought, I don't think that this is an issue at all. This Infrastructure page UI is only available to cloud admin, who is the person who set up S3 secondary storage, so he/she already knows S3 secret key. Hiding or not hiding it will make no difference. This UI will not be visible to end users, so should not expose security issue.
Thanks -min On 7/2/13 11:51 PM, "Thomas O'Dowd" <tpod...@cloudian.com> wrote: >Hi guys, > >I created a bug regarding the handling of the S3 secret key information. >My opinion is that it should be treated more carefully like a password >and not displayed in the UI at least. > > https://issues.apache.org/jira/browse/CLOUDSTACK-3342 > >Tom. >-- >Cloudian KK - http://www.cloudian.com/get-started.html >Fancy 100TB of full featured S3 Storage? >Checkout the Cloudian® Community Edition! >
