Activity log for bug #1187076
| Date | Who | What changed | Old value | New value | Message |
|---|---|---|---|---|---|
| 2013-06-03 17:47:43 | Joshua Harlow | bug | added bug | ||
| 2013-06-03 17:48:21 | Joshua Harlow | description | When a volume is initially created the context is immediately elevated (in the volume.manager code) to admin level and if the volume is not created successfully then the rescheduling logic will send back out that elevated context to the scheduler. This seems like a privilege escalation which was not intended (since before the create_volume() call occurred the context was not elevated and if it fails then it becomes elevated). I am not sure of the side-effects this could have, but it seems likely unintended to elevate and unprivileged context, try creation, fail and then send out the elevated context for further scheduling. | When a volume is initially created the context is immediately elevated (in the volume.manager code) to admin level and if the volume is not created successfully then the rescheduling logic will send back out that elevated context to the scheduler. This seems like a privilege escalation which was not intended (since before the create_volume() call occurred the context was not elevated and if it fails then it becomes elevated). I am not sure of the side-effects this could have, but it seems likely unintended to elevate an unprivileged context, try creation, fail and then send out the elevated context for further scheduling. | |
| 2013-06-03 18:03:31 | Jeremy Stanley | bug | added subscriber OpenStack Vulnerability Management team | ||
| 2013-06-03 18:03:51 | Jeremy Stanley | bug task added | ossa | ||
| 2013-06-03 18:05:25 | Jeremy Stanley | bug | added subscriber John Griffith | ||
| 2013-06-04 15:07:06 | Thierry Carrez | ossa: status | New | Incomplete | |
| 2013-06-07 09:31:47 | Thierry Carrez | information type | Private Security | Public | |
| 2013-06-07 09:31:51 | Thierry Carrez | bug | added subscriber Thierry Carrez | ||
| 2013-06-07 09:31:54 | Thierry Carrez | removed subscriber OpenStack Vulnerability Management team | |||
| 2013-06-07 09:32:00 | Thierry Carrez | bug task deleted | ossa | ||
| 2013-06-27 17:41:10 | Mike Perez | cinder: assignee | Mike Perez (thingee) | ||
| 2013-07-02 04:44:44 | Mike Perez | cinder: status | New | Confirmed | |
| 2013-07-02 23:59:51 | Mike Perez | cinder: assignee | Mike Perez (thingee) | Huang Zhiteng (zhiteng-huang) | |
| 2013-07-03 00:10:42 | Huang Zhiteng | cinder: assignee | Huang Zhiteng (zhiteng-huang) | XueChendi (chendi-xue) | |
| 2013-07-03 14:32:06 | OpenStack Infra | cinder: status | Confirmed | In Progress | |
| 2013-07-08 09:08:44 | OpenStack Infra | cinder: status | In Progress | Fix Committed | |
| 2013-07-17 11:07:52 | Thierry Carrez | cinder: status | Fix Committed | Fix Released | |
| 2013-07-17 11:07:52 | Thierry Carrez | cinder: milestone | havana-2 | ||
| 2013-10-17 10:23:07 | Thierry Carrez | cinder: milestone | havana-2 | 2013.2 |
