Security groups leak across tenants for admin users
Bug #1046054 reported by
Gabriel Hurley
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
Medium
|
Eoghan Glynn | ||
OpenStack Dashboard (Horizon) |
Won't Fix
|
High
|
Gabriel Hurley |
Bug Description
As a follow-on to https:/
An admin user who requests security groups using a token scoped to a particular tenant still sees all the security groups in the system. Requests for all security groups vs. only those for the current scope should be differentiated as they were for everything else.
Attempting to launch an instance with a security group from another project results in an API error (but thankfully doesn't crash nova like the volume attachment bug did).
Changed in horizon: | |
milestone: | none → folsom-rc1 |
milestone: | folsom-rc1 → none |
Changed in nova: | |
assignee: | nobody → Vish Ishaya (vishvananda) |
status: | Confirmed → Triaged |
Changed in nova: | |
assignee: | Vish Ishaya (vishvananda) → Eoghan Glynn (eglynn) |
Changed in nova: | |
status: | Triaged → Confirmed |
Changed in nova: | |
status: | Fix Committed → Fix Released |
Changed in nova: | |
milestone: | folsom-rc1 → 2012.2 |
To post a comment you must log in.
Would be good to fix that before release.