ture generation is obsolete as well?
>>
>> -Original Message-
>> From: Edison Su [mailto:edison...@citrix.com]
>> Sent: Monday, October 22, 2012 4:16 PM
>> To: cloudstack-dev@incubator.apache.org
>> Subject: RE: API Key and Signature security flaw on CS4 -
dstack-dev@incubator.apache.org
>>Subject: RE: API Key and Signature security flaw on CS4 - jenkins build
>>non-oss 137
>>
>>By default, port 8096 is disabled, and is intended to be without API
>>signature/key check.
>>If the 8096 is turned on by yourself, then so
e API Key and Signature generation is obsolete as well?
>
>-Original Message-
>From: Edison Su [mailto:edison...@citrix.com]
>Sent: Monday, October 22, 2012 4:16 PM
>To: cloudstack-dev@incubator.apache.org
>Subject: RE: API Key and Signature security flaw on CS4 - jenkins build
&
I c. . so the API Key and Signature generation is obsolete as well?
-Original Message-
From: Edison Su [mailto:edison...@citrix.com]
Sent: Monday, October 22, 2012 4:16 PM
To: cloudstack-dev@incubator.apache.org
Subject: RE: API Key and Signature security flaw on CS4 - jenkins build non
By default, port 8096 is disabled, and is intended to be without API
signature/key check.
If the 8096 is turned on by yourself, then somehow, it's up to you how to
secure it.
> -Original Message-
> From: Musayev, Ilya [mailto:imusa...@webmd.net]
> Sent: Monday, October 22, 2012 1:04 PM
>
