Min,

+1.  In my opinion, masking the secret key will only make debugging and 
diagnostics more difficult.  From a security perspective, CloudStack 
administrators/operators should be creating a dedicated CloudStack access 
key/secret key with a read/write ACL only for the bucket used by the system.  
This approach is a best practice recommended by Amazon for circumstances when a 
credential set will be used by an automated system such as CloudStack.  If 
the credentials are compromised, the impact of revocation is minimized and the 
access gained by an attacker is greatly limited.

Thanks,
-John

On Jul 3, 2013, at 9:09 PM, Min Chen <min.c...@citrix.com> wrote:

> Tom, on second thought, I don't think that this is an issue at all. This
> Infrastructure page UI is only available to the cloud admin, who is the person
> who set up S3 secondary storage, so he/she already knows the S3 secret key.
> Hiding or not hiding it will make no difference. This UI will not be
> visible to end users, so it should not expose a security issue.
> 
> Thanks
> -min
> 
> On 7/2/13 11:51 PM, "Thomas O'Dowd" <tpod...@cloudian.com> wrote:
> 
>> Hi guys,
>> 
>> I created a bug regarding the handling of the S3 secret key information.
>> My opinion is that it should be treated more carefully like a password
>> and not displayed in the UI at least.
>> 
>>   https://issues.apache.org/jira/browse/CLOUDSTACK-3342
>> 
>> Tom.
>> -- 
>> Cloudian KK - http://www.cloudian.com/get-started.html
>> Fancy 100TB of full featured S3 Storage?
>> Checkout the Cloudian® Community Edition!
>> 
> 
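
The dedicated-credential approach John describes above, as an added example that is not part of the original thread or of CloudStack's code: it builds an IAM policy limited to one bucket and audits a policy for grants that reach beyond that bucket. AWS IAM policy syntax is assumed, and the bucket name, the action list and the over-broad sample policy are constructed for illustration.

```python
import json

# Assumed action set for read/write use of one bucket (not CloudStack's documented list).
BUCKET_ACTIONS = ["s3:ListBucket", "s3:GetBucketLocation"]
OBJECT_ACTIONS = ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"]

def bucket_scoped_policy(bucket):
    """IAM policy granting read/write on a single bucket and nothing else."""
    arn = f"arn:aws:s3:::{bucket}"
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": BUCKET_ACTIONS, "Resource": arn},
        {"Effect": "Allow", "Action": OBJECT_ACTIONS, "Resource": f"{arn}/*"},
    ]}

def _as_list(value):
    return [value] if isinstance(value, str) else list(value)

def audit(policy, bucket):
    """Return findings for Allow statements that reach beyond `bucket`."""
    arn = f"arn:aws:s3:::{bucket}"
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    findings = []
    for i, st in enumerate(statements):
        if st.get("Effect") != "Allow":
            continue
        if "NotAction" in st or "NotResource" in st:
            findings.append(f"statement {i}: grants by exclusion")
            continue
        for action in _as_list(st.get("Action", [])):
            # Action names are case-insensitive; wildcards hide what is granted.
            if not action.lower().startswith("s3:") or "*" in action:
                findings.append(f"statement {i}: over-broad action {action!r}")
        for res in _as_list(st.get("Resource", [])):
            if res != arn and not res.startswith(arn + "/"):
                findings.append(f"statement {i}: resource outside bucket {res!r}")
    return findings

# Constructed sample: the kind of account-wide grant the dedicated key avoids.
BROAD_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}

if __name__ == "__main__":
    scoped = bucket_scoped_policy("cs-secondary-storage")  # hypothetical bucket name
    print(json.dumps(scoped, indent=2))
    print(audit(scoped, "cs-secondary-storage"))
    print(audit(BROAD_POLICY, "cs-secondary-storage"))
```

An empty findings list means every Allow statement stays inside the named bucket; the check is deliberately strict and also flags any wildcard action.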
