Expose_image_locations set to True by default has security implications.
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
OpenStack Glance Charm | Fix Released | Medium | Edward Hope-Morley |
Bug Description
[Environment]
Charms 17.02
Xenial 16.04
[Description]
The charm exposes the config option 'expose-
is set to true.
This was implemented as part of LP: #1531813 and allows ceph copy-on-write
cloning when the RBD backend is in use.
However, there are some security implications that need to be reviewed; in fact,
the upstream documentation doesn't recommend enabling it by default
because of the security implications [0]
# * Revealing image locations can present a GRAVE SECURITY RISK as
# image locations can sometimes include credentials. Hence, this
# is set to ``False`` by default. Set this to ``True`` with
# EXTREME CAUTION and ONLY IF you know what you are doing!"
# * If an operator wishes to avoid showing any image location(s)
# to the user, then both this option and
# ``show_
The possible solutions for this issue are:
1) Set it to False by default (which will disable COW by default as well).
2) Keep it enabled by default, but limit the image location ops
to the admin role by using the policy [1]
"delete_
"get_
"set_
[0] https:/
[1] http://
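An audit helper for the two solutions listed in the report, added here as an example; it is not code from the charm, from charm-helpers or from Glance. It assumes the upstream glance-api.conf option names show_multiple_locations and show_image_direct_url and the upstream Glance policy rule names get_image_location, set_image_location and delete_image_location, taken from Glance's own configuration and policy documentation (the option and rule names are truncated in the text above); the config and policy fragments are constructed samples. It reports a deployment when image locations are revealed to API users while any of the three location rules is not restricted to the admin role, so either fix (not exposing locations, or admin-only policy) makes it pass.

```python
"""Audit a Glance deployment for the exposure discussed in this bug.

Added example, not the charm's or Glance's own code. Option and rule names
are assumed from upstream Glance documentation; the sample config and policy
fragments at the bottom are constructed.
"""
import configparser
import json
from typing import Dict, List

# glance-api.conf options that make the API reveal image locations (and with
# them any credentials embedded in a location URI) to ordinary users.
LOCATION_EXPOSING_OPTIONS = ("show_multiple_locations", "show_image_direct_url")

# Policy rules that guard reading and changing image locations.
LOCATION_POLICY_RULES = ("get_image_location", "set_image_location",
                         "delete_image_location")


def _truthy(value: str) -> bool:
    return value.strip().lower() in ("true", "1", "yes", "on")


def locations_exposed(conf_text: str) -> bool:
    """True if either exposing option is enabled in the [DEFAULT] section."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(conf_text)
    defaults = cp.defaults()  # option names are lower-cased by optionxform
    return any(_truthy(defaults.get(opt, "false"))
               for opt in LOCATION_EXPOSING_OPTIONS)


def _admin_only(rule: str, policy: Dict[str, str], depth: int = 0) -> bool:
    """Conservative check of one policy rule.

    Admin-only means: exactly 'role:admin', deny-all ('!'), or a 'rule:'
    reference that chains to one of those. Anything else ('' = allow all,
    'or' expressions, unknown syntax) is reported as unrestricted. A rule that
    is absent from the file falls back to the 'default' rule, as oslo.policy
    does; if 'default' is absent too it is treated as unrestricted here.
    """
    expr = str(policy.get(rule, policy.get("default", ""))).strip()
    if expr == "!":
        return True
    if expr.startswith("role:"):
        return expr == "role:admin"
    if expr.startswith("rule:") and depth < 8:  # depth cap stops reference loops
        return _admin_only(expr[len("rule:"):], policy, depth + 1)
    return False


def audit(conf_text: str, policy_text: str) -> List[str]:
    """Return findings; an empty list means neither exposure path is open."""
    findings: List[str] = []
    if not locations_exposed(conf_text):
        return findings  # solution 1 from the report: nothing is revealed
    policy = json.loads(policy_text)
    open_rules = [r for r in LOCATION_POLICY_RULES if not _admin_only(r, policy)]
    if open_rules:
        findings.append("image locations are exposed and these policy rules are "
                        "not admin-only: " + ", ".join(open_rules))
    return findings


# Constructed samples: the exposing default described in the report, the
# non-exposing alternative (solution 1), and a permissive vs. admin-only
# policy (solution 2).
EXPOSING_CONF = """
[DEFAULT]
show_multiple_locations = True
show_image_direct_url = False
"""
SAFE_CONF = """
[DEFAULT]
show_multiple_locations = False
show_image_direct_url = False
"""
PERMISSIVE_POLICY = json.dumps({
    "context_is_admin": "role:admin",
    "default": "",
    "get_image_location": "",
    "set_image_location": "",
    "delete_image_location": "",
})
ADMIN_ONLY_POLICY = json.dumps({
    "context_is_admin": "role:admin",
    "default": "",
    "get_image_location": "rule:context_is_admin",
    "set_image_location": "rule:context_is_admin",
    "delete_image_location": "rule:context_is_admin",
})


if __name__ == "__main__":
    cases = (("exposed, permissive policy", EXPOSING_CONF, PERMISSIVE_POLICY),
             ("exposed, admin-only policy", EXPOSING_CONF, ADMIN_ONLY_POLICY),
             ("not exposed", SAFE_CONF, PERMISSIVE_POLICY))
    for label, conf, pol in cases:
        print(label, "->", audit(conf, pol) or "OK")
```

Point it at the rendered /etc/glance/glance-api.conf and /etc/glance/policy.json on a glance unit. The policy check is deliberately conservative: a rule such as "role:admin or role:member" is reported even though it does include admin, because the point of solution 2 is that only admins can see locations.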
Related branches
- Alex Kavanagh (community): Approve
- Felipe Reyes (community): Approve
Diff: 71 lines (+46/-0), 2 files modified
charmhelpers/contrib/openstack/utils.py (+12/-0)
tests/contrib/openstack/test_os_utils.py (+34/-0)
Changed in charm-glance:
milestone: 17.08 → 17.11
Changed in charm-glance:
milestone: 17.11 → 18.02
Changed in charm-glance:
status: Fix Committed → Fix Released
Fix proposed to branch: master /review.openstack.org/476627
Review: https:/