cue worker vulnerable if cluster size is too large
Bug #1427894 reported by Davide Agnello
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
Cue | Fix Committed | Critical | Davide Agnello | |
Bug Description
Currently, the Cue API/Worker does not verify any limits on the size of the cluster being constructed. This makes Cue worker instances vulnerable to DoS attacks if an unrealistic cluster size is provided. The worker will attempt to build and execute a new workflow (TaskFlow) with any provided cluster size value.
Changed in cue:
importance: Undecided → Critical
Changed in cue:
assignee: nobody → Davide Agnello (dagnello)
Changed in cue:
status: New → In Progress
Changed in cue:
milestone: none → 1.0.0
Reviewed: https://review.openstack.org/167806
Committed: https://git.openstack.org/cgit/stackforge/cue/commit/?id=33876924f749188eca4deaa4adfd4c60c5e78cef
Submitter: Jenkins
Branch: master
commit 33876924f749188eca4deaa4adfd4c60c5e78cef
Author: dagnello <email address hidden>
Date: Wed Mar 25 14:28:50 2015 -0700
Cap maximum number of nodes in a cluster
* Max limit configurable in cue.conf
* Cue API post request (create cluster) will validate size is
within this limit
* Added API test for cluster creation higher than limit is rejected.
closes-bug: 1427894
Change-Id: I7e979b22c519df83a44699bac3d45d2a3802f2f7
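
The kind of check the commit message describes, as an added example that is not code from the Cue project: the cap is read from configuration and the create-cluster request is rejected at the API before any workflow is handed to a worker. The `[api]` section, the `max_cluster_size` option name, the default of 10, the `size` field name, the 202/400 status codes and all function names are assumptions made for illustration.

```python
import configparser
import json

# Constructed cue.conf fragment; section and option names are assumptions.
SAMPLE_CONF = "[api]\nmax_cluster_size = 10\n"
DEFAULT_MAX_CLUSTER_SIZE = 10  # assumed fallback when the option is unset


class ClusterSizeError(ValueError):
    """The create-cluster request must be rejected before any flow is built."""


def load_max_cluster_size(conf_text):
    """Read the node cap from configuration text, refusing nonsensical caps."""
    parser = configparser.ConfigParser()
    parser.read_string(conf_text)
    limit = parser.getint("api", "max_cluster_size",
                          fallback=DEFAULT_MAX_CLUSTER_SIZE)
    if limit < 1:
        raise ValueError("max_cluster_size must be a positive integer")
    return limit


def validate_cluster_size(body, max_size):
    """Return the requested size if it is an integer in 1..max_size."""
    try:
        request = json.loads(body)
    except (TypeError, ValueError) as exc:
        raise ClusterSizeError("body is not valid JSON") from exc
    size = request.get("size") if isinstance(request, dict) else None
    # bool is a subclass of int; floats (1e9) and strings ("5") are refused
    # rather than coerced, so only a real JSON integer reaches the range check.
    if isinstance(size, bool) or not isinstance(size, int):
        raise ClusterSizeError("size must be an integer")
    if not 1 <= size <= max_size:
        raise ClusterSizeError("size must be between 1 and %d" % max_size)
    return size


def handle_create(body, max_size):
    """Map validation onto API status codes; 202 means the worker may run."""
    try:
        return 202, {"size": validate_cluster_size(body, max_size)}
    except ClusterSizeError as exc:
        return 400, {"error": str(exc)}
```

Validating the cap itself at load time matters as much as validating the request: a misconfigured limit of zero or a negative value would otherwise reject every request or, with a looser comparison, none.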