Context elevated on reschedule
Bug #1187076 reported by
Joshua Harlow
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Cinder |
Fix Released
|
Undecided
|
XueChendi |
Bug Description
When a volume is initially created the context is immediately elevated (in the volume.manager code) to admin level and if the volume is not created successfully then the rescheduling logic will send back out that elevated context to the scheduler. This seems like a privilege escalation which was not intended (since before the create_volume() call occurred the context was not elevated and if it fails then it becomes elevated). I am not sure of the side-effects this could have, but it seems likely unintended to elevate an unprivileged context, try creation, fail and then send out the elevated context for further scheduling.
description: | updated |
information type: | Private Security → Public |
no longer affects: | ossa |
Changed in cinder: | |
assignee: | nobody → Mike Perez (thingee) |
Changed in cinder: | |
status: | New → Confirmed |
Changed in cinder: | |
assignee: | Mike Perez (thingee) → Huang Zhiteng (zhiteng-huang) |
Changed in cinder: | |
assignee: | Huang Zhiteng (zhiteng-huang) → XueChendi (chendi-xue) |
Changed in cinder: | |
milestone: | none → havana-2 |
status: | Fix Committed → Fix Released |
Changed in cinder: | |
milestone: | havana-2 → 2013.2 |
To post a comment you must log in.
I don't think this classifies as an exploitable vulnerability, unless I'm missing something. Sounds more like a bug that needs to be fixed... in which case I'd rather handle it in the open rather than in embargo mode.
Raise your hand if you object to the opening of this bug