[pve-devel] nexenta plugin problems
Dietmar Maurer
dietmar at proxmox.com
Fri Aug 24 17:27:59 CEST 2012
> I don't see any problem here. We can create a new NON UNIX User in
> Nexenta which has just the permissions you need.
>
> Then choose a long passwort (max. 40 characters are accepted) it's then like
> an api key. Where's the difference if we have an API Key or a password?
I will not allow to store any password inside /etc/pve/storage.cfg.
That file is readable by www-data user, so that is a major security hole.
Any other ideas?
More information about the pve-devel
mailing list