Do not store headers as None with swift
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Heat |
Fix Released
|
Low
|
Chmouel Boudjnah | ||
OpenStack Security Advisory |
Invalid
|
Undecided
|
Unassigned |
Bug Description
By default when you have an empty string for a value the properties class would set this as None, for swiftclient if we do that it would just pass the info as is and actually set the value of container as None :
stack@devstack:
Account: AUTH_4f904e80ca
Container: testswift-
Objects: 0
Bytes: 0
Read ACL: None
Write ACL: None
Sync To:
Sync Key:
Accept-Ranges: bytes
X-Timestamp: 1386684773.54007
X-Trans-Id: txf413c02d81b44
Content-Type: text/plain; charset=utf-8
which basically allow the user None to Read Write there not ideal .
swift support wasn't working since last august before this commit went in so I don't think it's a big deal to fix it as security :
https:/
https:/
Changed in heat: | |
status: | New → Triaged |
importance: | Undecided → Medium |
Changed in ossa: | |
status: | Incomplete → Invalid |
information type: | Private Security → Public |
Changed in heat: | |
assignee: | nobody → Chmouel Boudjnah (chmouel) |
status: | Triaged → In Progress |
Changed in heat: | |
milestone: | none → icehouse-2 |
status: | Fix Committed → Fix Released |
Changed in heat: | |
milestone: | icehouse-2 → 2014.1 |
ignore the first patch (or see it with less since it has colors/terminal chars in there)