There have been various discussions about this before.
There are actually two issues if you don't like a security breach on a
single node to compromise other systems:
* messages are not verified
* database access is global
As you've said anyone with access to the queue can send any message
and ma
Would there be any advantage in moving the quota checks inside the MQ?
eg for nodes, links, RAM usage, disk usage, etc.
Would there also be an advantage in using the SASL 'authzid' and 'authcid',
ie user authenticated as x, but authorized to act as role y?
Raphael Cohn
Managing Director
raphael.
Joshua,
user is authorized before the call gets to the scheduler.
If user authorized, before any calls to the scheduler, there is a check if
he doesn't exceed quotas.
If user authorized, has right role and doesn't exceed quotas - then message
is sent to the scheduler.
My point of view is these ch
If I am not wrong, the rabbitmq has a password
2011/10/2 Joshua Harlow
> The question is more along the lines of this:
>
> So say u have ssl enabled, which is good.
>
> But should all actions/messages on the message queue also be verified
> before they are applied as coming from the correct use
The question is more along the lines of this:
So say u have ssl enabled, which is good.
But should all actions/messages on the message queue also be verified before
they are applied as coming from the correct user?
Say u have an initial API call that says make me a server for user X.
Now the s
Joshua,
your question scares me :)
Actually you can define user/pass for rabbitmq:
See in rpc/impl_kombu.py, which is used by default:
    self.params = dict(hostname=FLAGS.rabbit_host,
                       port=FLAGS.rabbit_port,
                       userid=FLAGS.rabb
A quick security question.
Is there any plan to force authentication/authorization of the rabbitmq
messages?
Right now it seems like keystone (tbd) will protect the external<->openstack
layers but what about the openstack<->openstack layers.
If someone got access to the rabbitmq it seems like