Project

Profile

Help

Story #15

As a user, I can rest easy in the knowledge that my celery workers will ensure that their AMQP messages are signed by a trusted sender

Added by Anonymous about 5 years ago. Updated 9 months ago.

Status:
CLOSED - WONTFIX
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:

0%

Platform Release:
Blocks Release:
Backwards Incompatible:
No
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
QA Contact:
Complexity:
3
Smash Test:
Verified:
No
Verification Required:
No
Sprint:

Description

We should configure Pulp to use Celery's message signing feature0. This will add a layer of security to protect the Celery workers from performing tasks that might have been injected by an attacker.Deliverables:Pulp server can be configured to sign messagesPulp workers can be configured to require valid signatures on messagesDocument how users can configure message signing0 http://celery.readthedocs.org/en/latest/userguide/security.html#message-signing

History

#1 Updated by rbarlow about 5 years ago

  • Project changed from Import to Pulp

#2 Updated by bmbouter 9 months ago

  • Status changed from NEW to CLOSED - WONTFIX

#3 Updated by bmbouter 9 months ago

Pulp 2 is approaching maintenance mode, and this Pulp 2 ticket is not being actively worked on. As such, it is being closed as WONTFIX. Pulp 2 is still accepting contributions though, so if you want to contribute a fix for this ticket, please reopen or comment on it. If you don't have permissions to reopen this ticket, or you want to discuss an issue, please reach out via the developer mailing list.

#4 Updated by bmbouter 9 months ago

  • Tags Pulp 2 added

Please register to edit this issue

Also available in: Atom PDF