Stacktrace is visible for api call exceptions
Bug #869132 reported by
Stanislaw Pitucha
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenStack Compute (nova) |
Fix Released
|
Low
|
Stanislaw Pitucha | ||
Bug Description
Stacktrace is visible for the api users in case some internal exception occurs. This should not be possible for both user-friendliness reasons and to limit potential security problems of revealing failing component.
| Changed in nova: | |
| assignee: | nobody → Stanislaw Pitucha (stanislaw-pitucha) |
| status: | New → In Progress |
| Changed in nova: | |
| importance: | Undecided → Medium |
| security vulnerability: | no → yes |
| Changed in nova: | |
| importance: | Medium → Low |
Revision history for this message
| Openstack Gerrit (openstack-gerrit) wrote Fix merged to nova (master) | #1 |
| Changed in nova: | |
| status: | In Progress → Fix Committed |
| Changed in nova: | |
| milestone: | none → essex-1 |
| status: | Fix Committed → Fix Released |
| Changed in nova: | |
| milestone: | essex-1 → 2012.1 |
To post a comment you must log in.
Reviewed: https:/
Committed: http://
Submitter: Jenkins
Branch: master
status fixcommitted
done
commit 68111826afed690
Author: Ahmad Hassan <email address hidden>
Date: Thu Oct 6 11:16:32 2011 +0100
Capture exceptions happening in API layer
Added the faulwrapper around EC2 api so that it captures any unseen
exceptions and return a graceful error back. Also changed the openstack
exception message. The actual exception message will be printed in the
logs and would not return back the user.
Removed openstack wsgi dependency from
EC2 fault wrapper. Added unit tests for
EC2 fault wrapper
Fixes bug 869132.
Change-Id: I03d18f321f141a