threshold-oriented alarm created by admin on behalf of non-admin user:tenant leaks admin-level visibility on statistics
Bug #1237567 reported by
Eoghan Glynn
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ceilometer |
Fix Released
|
High
|
Eoghan Glynn |
Bug Description
When an admin creates a threshold-oriented alarm on behalf of an non-admin user, this has the effect of leaking visibility onto statistics for resources that would not normally be visible to the non-admin user.
An example scenario:
1. ADMIN creates instance with INSTANCE_ID
2. ADMIN creates alarm ALARM1 with --user DEMO --project DEMO --matching-metadata resource_
3. DEMO creates alarm ALARM2 with --matching-metadata resource_
4. ALARM1 ==> ok or alarm
5. ALARM2 ==> insufficient_data
whereas both alarms should transition to insufficient_data, seeing as the instance stats should not be visible to the DEMO user.
tags: | added: havana-rc-potential |
Changed in ceilometer: | |
importance: | Undecided → High |
summary: |
threshold-oriented alarm created by admin user on behalf of non-admin - user leaks admin-level visibility on statistics + user:tenant leaks admin-level visibility on statistics |
summary: |
- threshold-oriented alarm created by admin user on behalf of non-admin + threshold-oriented alarm created by admin on behalf of non-admin user:tenant leaks admin-level visibility on statistics |
Changed in ceilometer: | |
milestone: | none → havana-rc2 |
tags: | removed: havana-rc-potential |
Changed in ceilometer: | |
milestone: | havana-rc2 → 2013.2 |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/50708
Review: https:/