Glance

copy_from policy not enforced during update

Bug #1259241 reported by Yanis Guenane
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Glance
Fix Released
Undecided
Yanis Guenane
Glance 2014.1 "icehouse"

Bug Description

During the image-create action, the copy_from policy is properly enforced. But it is not during the update process.

Meaning, a non-authorized user can create an empty image and then update it with the --copy-from option even if policy.json says it othewise.

Yanis Guenane (yanis-guenane)
Changed in glance:
assignee: nobody → Yanis Guenane (yanis-guenane)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to glance (master)

Fix proposed to branch: master
Review: https://review.openstack.org/60886

Changed in glance:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to glance (master)

Reviewed: https://review.openstack.org/60886
Committed: http://github.com/openstack/glance/commit/6354b347262febb83b4e26f61cdfe0ab3dcedb4f
Submitter: Jenkins
Branch: master

commit 6354b347262febb83b4e26f61cdfe0ab3dcedb4f
Author: Yanis Guenane <email address hidden>
Date: Mon Dec 9 17:25:35 2013 +0000

    Enforce copy_from policy during image-update

    The enforcement of the copy_from policy is missing during update allowing
    every user to do this action no matter what is defined in the policy.json

    Change-Id: Iecf11bdf220b37d9ecbb6fc686214d14acf1d3dd
    Closes-bug: #1259241

Changed in glance:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in glance:
milestone: none → icehouse-2
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in glance:
milestone: icehouse-2 → 2014.1
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.