nova boot succeeds for deleted glance image
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
Medium
|
Michael Still |
Bug Description
calling this a security exposure since delete data is resurrected
an image existed with uuid ending in af79:
ID Name Disk Format Container Format Size
-------
dcaf164d-
0698b15f-
then it was deleted:
ID Name Disk Format Container Format Size
-------
0698b15f-
then a new image with the same text name was added, but with uuid ending in 28f9:
ID Name Disk Format Container Format Size
-------
b19e1ca7-
0698b15f-
then I booted the deleted image using nova
n boot --flavor 1 --image dcaf164d-
+------
| Property | Value |
+------
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-
| OS-EXT-
| OS-EXT-
| OS-EXT-
| OS-EXT-
| OS-EXT-STS:vm_state | building |
| accessIPv4 | |
| accessIPv6 | |
| adminPass | 97SjHC9vZQaD |
| config_drive | |
| created | 2012-09-
| flavor | standard.xsmall |
| hostId | |
| id | 90114972-
| image | ub.vdi |
| key_name | |
| metadata | {} |
| name | kirk5 |
| progress | 0 |
| status | BUILD |
| tenant_id | aeb143d32b734e6
| updated | 2012-09-
| user_id | 804e32e815c146b
+------
[root@sticken-isc1 ~]# n list
+------
| ID | Name | Status | Networks |
+------
| 90114972-
+------
[root@sticken-isc1 ~]# n list
+------
| ID | Name | Status | Networks |
+------
| 90114972-
+------
Changed in nova: | |
status: | New → Confirmed |
importance: | Undecided → High |
importance: | High → Medium |
Changed in nova: | |
assignee: | nobody → Michael Still (mikalstill) |
security vulnerability: | yes → no |
visibility: | private → public |
Changed in nova: | |
milestone: | none → grizzly-1 |
status: | Fix Committed → Fix Released |
Changed in nova: | |
milestone: | grizzly-1 → 2013.1 |
opened against glance at first, changed to nova compute