Glance copy_from should gracefully handle file store
Bug #942118 reported by
Brian Waldon
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Glance |
Fix Released
|
Medium
|
Eoghan Glynn |
Bug Description
If you try to add an image with copy_from set to file:///somewhere, the API returns a 500 due to a NotImplementedError raised from get_size in the filesystem store driver. Ideally, the user would not be able to upload an image and ask the api to read from the local filesystem for security reasons.
This is not a security bug at the moment due to the 500.
Changed in glance: | |
milestone: | essex-4 → 2012.1 |
To post a comment you must log in.
Looking at this in more detail, it turns out we've had the same issue with location= file:// /somewhere, again masked by the NotImplemented on glance. store.filesyste m.Store. get_size( ).
So the fix should address both the copy_from and location styles of external source.