neutron

Grizzly quantum rootwrapper imports quantum code

Bug #1190675 reported by Dirk Mueller
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Won't Fix
Undecided
Unassigned
Grizzly
Fix Released
Low
Dirk Mueller
neutron 2013.1.3

Bug Description

https://review.openstack.org/#/c/13536/

introduced loading of quantum.utils into rootwrap, which is both slow (as it loads a lot of other modules that nobody needs) and a potential security issue due to the amount of code being run as root. While I don't know of a way to exploit this I think it is a potential risk.

I suggest this part to be reverted for the quantum rootwrapper.

Revision history for this message
yong sheng gong (gongysh) wrote :

I think it makes sense.

Changed in quantum:
status: New → Confirmed
Revision history for this message
Mark McClain (markmcclain) wrote :

The work to unify Oslo's rootwrap will address this.

See https://blueprints.launchpad.net/quantum/+spec/quantum-common-rootwrap

Changed in quantum:
status: Confirmed → Won't Fix
Revision history for this message
Dirk Mueller (dmllr) wrote :

The problem is only in the Grizzly branch of Quantum, it is already solved for Havana, thats correct. There is still a need to have it sovled for Grizzly, I think.

Changed in quantum:
assignee: nobody → Dirk Mueller (dmllr)
information type: Private Security → Public Security
Thierry Carrez (ttx)
information type: Public Security → Public
Dirk Mueller (dmllr)
Changed in quantum:
assignee: Dirk Mueller (dmllr) → nobody
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to quantum (stable/grizzly)

Reviewed: https://review.openstack.org/32922
Committed: http://github.com/openstack/quantum/commit/8917451b3686a1a2c1366322447bab829238cc88
Submitter: Jenkins
Branch: stable/grizzly

commit 8917451b3686a1a2c1366322447bab829238cc88
Author: Dirk Mueller <email address hidden>
Date: Thu Jun 13 18:52:37 2013 +0200

    Do not import anything from quantum into rootwrap

    The rootwrapper is special and shouldn't do heavy code
    loading, first for performance and 2nd for potential
    security issues.

    It shaves off 0.2s of load time (aka heavy cpu usage when
    using openvswitch as it invokes rootwrap twice every 4 seconds)

    Fixes LP bug 1190675

    This is reverting bug 1053381

        Author: Gary Kotton <email address hidden>
        Date: Sun Sep 23 08:34:33 2012 +0000

            Uses a common subprocess popen function

    Change-Id: I629d90aaeb99b225d716da82c6ac5c3f327ebb67

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.