Comment 18 for bug 1872735

Colleen Murphy (krinkle) wrote : Re: EC2 and/or credential endpoints are not protected from a scoped context

> Affects: ==15.0.0, ==16.0.0, ==17.0.0

I think this affects Rocky too, which is 14.0.0. Will verify shortly.
https://opendev.org/openstack/keystone/src/branch/stable/rocky/keystone/contrib/ec2/controllers.py#L148-L150
https://opendev.org/openstack/keystone/src/branch/stable/rocky/keystone/contrib/ec2/controllers.py#L296-L298

> Any user authenticated within a limited scope ... can create an EC2 credential with an escalated permission, such as obtaining "admin" while the user is on a limited "viewer" role.

This looks okay to me, though I think it overestimates the problem slightly. The user who is exploiting this can only assume the role assignments that the delegator currently has on the project, which might not necessarily be as bad as admin. But if the impact description is meant to illustrate the worst-case scenario then this looks fine to me.