can_share option grants write permissions on swift container in multi tenant mode.

Bug #1270569 reported by Nassim Babaci on 2014-01-19
This bug affects 2 people

Bug Description

In v1, in multi tenant mode, when a user from a tenant (let's say T1) shares an image with the 'can_share' flag, then the user with whom the image is shared is granted write permission on the swift container of tenant T1.

As a consequence, all users from tenant T2 can write to that container and thus consume User1's swift quota.

Here is how to reproduce:

The important line here is the one where we share an image with another user with the can_share flag:
  ubuntu@devstack-nb:~/devstack$ glance member-create --can-share image-demo cd563ba051bd4341b1015566e260f09e

The ACL of the swift container becomes:
   Read ACL:
   Write ACL: cd563ba051bd4341b1015566e260f09e:*

Note that the users from T2 can write to the container but not read it, which makes them unable to use the image that has been shared.
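A small audit of the ACL state described above, as an added example that is not part of this bug report or of the Glance or Swift code. It assumes the container metadata from a HEAD request is available as a dict of lowercase header names, and that the owning project id is known (placeholder value here); the entries in SAMPLE_HEADERS are constructed from the ACL shown in the report.

```python
"""Audit Swift container ACLs for write grants that reach beyond the owner.

Swift container ACLs are comma-separated entries such as ``tenant:user``,
``tenant:*`` (every user of that tenant) or ``*:user``.  The bug above leaves
the Write ACL as ``<other tenant>:*`` with an empty Read ACL, so an entire
foreign tenant can write (and burn the owner's quota) without being able to
read the image.  This audit flags that pattern.
"""
from typing import Dict, List, NamedTuple


class Finding(NamedTuple):
    container: str
    entry: str
    reason: str


def parse_acl(acl: str) -> List[str]:
    """Split a Swift ACL header value into its individual entries."""
    return [e.strip() for e in acl.split(",") if e.strip()]


def audit_container(name: str, owner_tenant: str,
                    headers: Dict[str, str]) -> List[Finding]:
    """Return one Finding per write entry that grants more than it should."""
    read = set(parse_acl(headers.get("x-container-read", "")))
    findings = []
    for entry in parse_acl(headers.get("x-container-write", "")):
        tenant, _, user = entry.partition(":")
        if tenant == owner_tenant:
            continue  # the owning tenant may write to its own container
        if tenant == "*" or user == "*":
            findings.append(Finding(name, entry,
                                    "tenant-wide or wildcard write grant"))
        elif entry not in read and f"{tenant}:*" not in read:
            findings.append(Finding(name, entry,
                                    "write grant without matching read grant"))
    return findings


# Constructed sample reproducing the ACL state from the report; the owner id
# is a placeholder, the member id is the one shown in the report.
SAMPLE_OWNER = "t1-owner-project-id-placeholder"
SAMPLE_HEADERS = {
    "x-container-read": "",
    "x-container-write": "cd563ba051bd4341b1015566e260f09e:*",
}

if __name__ == "__main__":
    for f in audit_container("glance", SAMPLE_OWNER, SAMPLE_HEADERS):
        print(f"{f.container}: {f.entry} -> {f.reason}")
```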

information type: Private Security → Public
Changed in glance:
assignee: nobody → Nassim Babaci (nassim-babaci)
Changed in glance:
status: New → In Progress
Nikhil Komawar (nikhil-komawar) wrote :

Is this still valid?

Ian Cordasco (icordasc) on 2015-01-24
Changed in glance:
status: In Progress → Incomplete
assignee: Nassim Babaci (nassim-babaci) → nobody
tags: added: propose-close

Change abandoned by Flavio Percoco (<email address hidden>) on branch: master
Reason: after all this time, I'd assume we don't need this patch anymore. The bug/blueprint was probably fixed already or invalidated. Please feel free to re-open it if you think otherwise.
