BjoernT
commented
5 years ago Thanks but this repository is no longer active
Closed rayhanur-rahman closed 5 years ago
BjoernT
commented
5 years ago Thanks but this repository is no longer active
Greetings,
I am a security researcher, who is looking for security smells in Ansible scripts. I found instances where usernames and passwords are specified within a Ansible script. According to the Common Weakness Enumeration organization this is a security weakness (CWE-798: Hard-coded credentials https://cwe.mitre.org/data/definitions/798.html).
I am trying to find out if you agree with the findings and the reasons the usernames and passwords were introduced. Any feedback is appreciated.
Any feedback is appreciated.
Source: https://github.com/rcbops/ansible-lxc-rpc/blob/master/rpc_deployment/playbooks/openstack/keystone-add-all-services.yml