Comment 28 for bug 1990157
Revision history for this message
| Erno Kuvaja (jokke) wrote Re: Malicious image data modification can happen when using COW | #28 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
@Brian for your #2 I think cinder is still an issue. The image data in Ceph consists of the image "object/file", if you wish, named as Image-ID and read-only snapshot of it called snap. The location of RBD image in glance points to that snap of the object. So malicious user would need to replace that snap of the image to be able to change the image data, which is not possible if there is other references for that snap (say already running COW VM of it). One can modify the image data object and create new snapshot of it, but that would require update into the database which solving #1 would prevent.
Not bullet proof for every corner case, but heavily resistant compared to our present situation.