On Fri, Mar 4, 2022 at 2:07 PM Robert Vasek <rvasek01@xxxxxxxxx> wrote: > > Is there a way for an attacker with sufficient privileges to retrieve the > key by somehow mining it off of the process memory of ceph-fuse which is > now maintaining the volume mount? Yes, one should assume that if they can gcore dump the ceph-fuse process, they can extract the cephx key. In normal deployment scenarios only a root user should be able to do this, and they would normally have the key anyway. Cheers, Dan _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
 |