not applying access authorisation checks
Bug #388934 reported by
robb1e
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Eucalyptus |
Fix Released
|
Undecided
|
Unassigned | ||
eucalyptus (Ubuntu) |
Fix Released
|
High
|
Dustin Kirkland |
Bug Description
When using the portal to disable a user, the certs and keys are still valid and that user can still create and terminate instances.
Cheers
Robbie
Changed in eucalyptus (Ubuntu): | |
status: | New → Triaged |
importance: | Undecided → High |
security vulnerability: | no → yes |
Changed in eucalyptus (Ubuntu): | |
status: | Triaged → In Progress |
assignee: | nobody → Dustin Kirkland (kirkland) |
Changed in eucalyptus: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
I've re-targeted to 1.6
If you are using the 1.6 development and have existing users that you care about, credentials will not work. Hopefully, this is a non issue since folks are probably not using the 1.6 development branch in production. If you want your existing users to work, you need to login to the web interface as admin and click "disable" on each user, then "enable" again.
------- ------- ------- ------- ------- ------- ------- ------- ----
revno: 900
committer: Neil <neil@pall>
branch nick: 1.6
timestamp: Mon 2009-09-28 11:55:06 -0700
message:
fixes #388934