Improve CLI commands: Add new --user & --password options to replace the one_auth authorization credentials
|Target version:||Release 4.0|
#2 Updated by jordan pittier over 8 years ago
I believe this is highly insecured.
I, as a random user with access on the Opennebula server or access to a server from which an Opennebula admin can perform OpenNebula admin action (ie using the CLI), can just do in a shell : "while true do; ps aux | grep '--password' >> output; done". Sooner or later I would catch the Opennebula password, right ?
If I am not clear just read this : http://dev.mysql.com/doc/refman/5.1/en/password-security-user.html