Project

General

Profile

Actions
Copy link

Feature #16580

closed

Restrict and document access to BMC credentials

Added by Dominic Cleal about 7 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Dominic Cleal
Category:
BMC
Target version:
1.14.0
Difficulty:
Triaged:
Bugzilla link:
Pull request:
https://github.com/theforeman/foreman/pull/3855
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

BMC interface credentials stored in Foreman are accessible through the ENC YAML output and through templates (#15046), however it isn't clear that they are so readily available when entering them and there is no option to restrict it.

It should be possible to disable access through the ENC YAML and templates to credentials if the administrator wishes, via a setting. This would use the credentials only for BMC smart proxies.

The BMC interface form should probably also state where the credentials are accessible from.

Reported by Alex Fisher to , thanks. No CVE will be requested as it's by design, this is hardening.

Actions
Copy link
 #1

Updated by The Foreman Bot about 7 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/3855 added
Actions
Copy link
 #2

Updated by Dominic Cleal about 7 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions
Copy link
 #3

Updated by Dominic Cleal about 7 years ago

  • translation missing: en.field_release set to 189
Actions
Copy link

Also available in: Atom PDF