openstack-manuals

make uploading an image as public admin only by default

Bug #1328302 reported by OpenStack Infra
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openstack-manuals
Fix Released
High
Tom Fifield
openstack-manuals juno

Bug Description

https://review.openstack.org/92739
commit 96169ab5a0e91f8ed506429b079358b540a4c405
Author: Aaron Rosen <email address hidden>
Date: Wed May 7 17:49:04 2014 -0700

    make uploading an image as public admin only by default

    Uploading an image with --is-public=True should by default only be allowed
    by an admin tenant. Allowing anyone to upload an image as is_public is likely
    a security concern. This changes the previous default behavior glance had
    of allowing anyone to upload an image as is_public previously by default.

    DocImpact
    Closes-bug: 1317314

    Change-Id: I60d2257115e9207e09b50d9f950076b7fe8237d7

Tom Fifield (fifieldt)
Changed in openstack-manuals:
importance: Undecided → High
status: New → Confirmed
status: Confirmed → Triaged
milestone: none → juno
Revision history for this message
Tom Fifield (fifieldt) wrote :

added to release notes: https://wiki.openstack.org/wiki/ReleaseNotes/Juno#Upgrade_Notes

Tom Fifield (fifieldt)
tags: added: cli-reference
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-manuals (master)

Fix proposed to branch: master
Review: https://review.openstack.org/102434

Changed in openstack-manuals:
assignee: nobody → Tom Fifield (fifieldt)
status: Triaged → In Progress
Revision history for this message
Tom Fifield (fifieldt) wrote :

There is also one or two places in the cli reference that will be updated by the automatic scripts.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-manuals (master)

Reviewed: https://review.openstack.org/102434
Committed: https://git.openstack.org/cgit/openstack/openstack-manuals/commit/?id=1340e65e5d2369f7f080ee69f428057c497093b6
Submitter: Jenkins
Branch: master

commit 1340e65e5d2369f7f080ee69f428057c497093b6
Author: Tom Fifield <email address hidden>
Date: Wed Jun 25 13:44:29 2014 +0800

    Change docs to use non-public images by default

    In Juno, the ability to make public images will be admin-only by
    default. This patch changes areas of the documentation that
    aren't explicitly known to be working with admin-level credentials
    to use is-public=False in their image uploads. This encourages good
    security practice, and will hopefully avoid bug reports from users
    who don't have access trying to make public images.

    Change-Id: I8ca05c7507e1e63d39c927388f95fc584dfbe34d
    Partial-Bug: 1328302

Tom Fifield (fifieldt)
Changed in openstack-manuals:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.