Enabling soft-deletes opens a DOS on compute hosts
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Opinion
|
Wishlist
|
Unassigned | ||
OpenStack Security Advisory |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
If the user sets reclaim_
A malicious authenticated user can repeatedly create and delete instances without limit, which will consume resources on the host without consuming their quota. If done quickly enough, this will exhaust host resources.
I'm not entirely sure what to suggest in remediation, as this seems to be a deliberate design. The most obvious fix would be to not release quota until the instance is reaped, but that would be a significant change in behaviour.
This is very similar to https:/
Changed in nova: | |
assignee: | nobody → Chris Martin (cm876n) |
Changed in nova: | |
assignee: | Chris Martin (cm876n) → Andia (wangyuwei) |
Changed in nova: | |
assignee: | Andia (wangyuwei) → Chris Martin (cm876n) |
Changed in nova: | |
assignee: | Chris Martin (cm876n) → Andia (wangyuwei) |
Changed in nova: | |
assignee: | Andia (wangyuwei) → Chris Martin (cm876n) |
Changed in nova: | |
assignee: | Chris Martin (cm876n) → Matt Riedemann (mriedem) |
Changed in nova: | |
status: | In Progress → Opinion |
assignee: | Chris Martin (cm876n) → nobody |
Since this report concerns a possible security risk, an incomplete security advisory task has been added while the core security reviewers for the affected project or projects confirm the bug and discuss the scope of any vulnerability along with potential solutions.