Project

General

Profile

Actions

Task #7546

closed

VM Security based on LDAP accounts

Added by Moris Jones about 4 years ago. Updated 3 months ago.

Status:
Rejected
Priority:
Normal
Assignee:
Target version:
-
Start date:
12/31/2019
Due date:
% Done:

0%

Estimated time:
PM Check date:

Description

Access to VM administration tools should be secured to the same level or higher as root access to the VM itself.

Currently the VM dashboard uses a shared login with redmine.

Admin systems and communication systems should not have a shared login system, this is a single point of failure.

More details here:

https://chat.ungleich.ch/ungleich/channels/remote-root-exploits-in-ungleich-shared-login-to-different-sys

Actions

Also available in: Atom PDF