diff options
author | Steve Smokowski <ss835w@att.com> | 2020-01-21 14:05:30 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2020-01-21 14:05:30 +0000 |
commit | d6a6f5cc4763f429b24d668ea4aad950e6e33acd (patch) | |
tree | 0cecad1d743c11c457d09ca2c94c50e8d9796fa7 /docs | |
parent | 66afc9f3b01939ffcd7cf0a35d76d4a854dfa410 (diff) |
Update git submodules
* Update docs/submodules/so.git from branch 'master'
to b6fc1fc1f2e4242a83a52581b7d6d05c7a7cd201
- Merge "Encryption and decryption of OpenStack Passwords removed"
- Encryption and decryption of OpenStack Passwords removed
Description from Jira ticket:
Current way of passing OpenStack password to SO is to
encrypt it with a symmetric key that can be find in both
OOM repo and source code. This means that the key is already
compromised and this additional encryption does not introduce
any additional security layer. Additionally this creates a fake
security feeling for people who are not very familiar with the
cryptography as they may think that their password is safe because
it has been encrypted.
Instead of using some custom-made method of passing this password
please just use a secret and pass it via environment variable
unencrypted
and just never store it in a config file
Issue-ID: SO-2535
Change-Id: Iaad50d7d22fe0fc1e3f7e8c5c5cd3a788d777574
Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
Diffstat (limited to 'docs')
m--------- | docs/submodules/so.git | 0 |
1 files changed, 0 insertions, 0 deletions
diff --git a/docs/submodules/so.git b/docs/submodules/so.git -Subproject 3ec71c0b73eda99d3ed3ddcddbb9d5619415b6f +Subproject b6fc1fc1f2e4242a83a52581b7d6d05c7a7cd20 |