| 2015-09-07 17:39:03 |
hossein zabolzadeh |
bug |
|
|
added bug |
| 2015-09-07 17:44:00 |
hossein zabolzadeh |
description |
There is no quota check for snapshots getting from instances both via APIs and horizon. Imagine a situation where a normal user can fill out the whole of the cinder(ceph) storage space by calling the get_instance_snapshot() API, which should be restricted using project quota checks.
How to check the bug?
1- In specific project, launch a new instance.
2- Set the project's quota all the way down(e.g. instances: 1, volume_snapshots: 0, ...).
3- Get snapshots from running instance as much as you can.
You see that there is no quota check and user can fill out the whole of the storage space. |
There is no quota check for snapshots getting from instances both via APIs and horizon. Imagine a situation in which a normal user can fill-out whole of the cinder(ceph) storage space by calling the get_instance_snapshot() API. But its need to control the amount of instance snapshots by defining instance-snapshot-quota.
How to check the bug?
1- In specific project, launch a new instance.
2- Set the project's quota all the way down(e.g. instances: 1, volume_snapshots: 0, ...).
3- Get snapshots from running instance as much as you can.
You see that there is no quota check and user can fill out the whole of the storage space. |
|
| 2015-09-07 17:44:54 |
hossein zabolzadeh |
description |
There is no quota check for snapshots getting from instances both via APIs and horizon. Imagine a situation in which a normal user can fill-out whole of the cinder(ceph) storage space by calling the get_instance_snapshot() API. But its need to control the amount of instance snapshots by defining instance-snapshot-quota.
How to check the bug?
1- In specific project, launch a new instance.
2- Set the project's quota all the way down(e.g. instances: 1, volume_snapshots: 0, ...).
3- Get snapshots from running instance as much as you can.
You see that there is no quota check and user can fill out the whole of the storage space. |
There is no quota check for snapshots getting from instances both via APIs and horizon. Imagine a situation in which a normal user can fill-out whole of the cinder(ceph) storage space by calling the get_instance_snapshot() API. But its need to control the amount of instance snapshots by defining instance-snapshot-quota.
How to check the bug?
1- In specific project, launch a new instance.
2- Set the project's quota all the way down(e.g. instances: 1, volume_snapshots: 0, ...).
3- Get snapshots from running instance as much as you can.
You see that there is no quota check and user can fill-out the whole of the storage space. |
|
| 2015-09-07 17:45:24 |
hossein zabolzadeh |
tags |
|
quota-check |
|
| 2015-09-07 17:48:07 |
hossein zabolzadeh |
tags |
quota-check |
horizon-core keystone |
|
| 2015-09-13 18:03:29 |
hossein zabolzadeh |
description |
There is no quota check for snapshots getting from instances both via APIs and horizon. Imagine a situation in which a normal user can fill-out whole of the cinder(ceph) storage space by calling the get_instance_snapshot() API. But its need to control the amount of instance snapshots by defining instance-snapshot-quota.
How to check the bug?
1- In specific project, launch a new instance.
2- Set the project's quota all the way down(e.g. instances: 1, volume_snapshots: 0, ...).
3- Get snapshots from running instance as much as you can.
You see that there is no quota check and user can fill-out the whole of the storage space. |
There is no quota check for snapshots getting from instances both via APIs and horizon. Imagine a situation in which a normal user can fill-out whole of the cinder(ceph) storage space by calling the get_instance_snapshot() API. But its need to control the amount of instance snapshots by defining instance-snapshot-quota.
How to reproduce?
1- In specific project, launch a new instance.
2- Set the project's quota all the way down(e.g. instances: 1, volume_snapshots: 0, ...).
3- Get snapshots from running instance as much as you can.
You see that there is no quota check and user can fill-out the whole of the storage space. |
|
| 2016-01-11 21:16:46 |
Richard Jones |
horizon: status |
New |
Invalid |
|
| 2016-01-11 21:16:50 |
Richard Jones |
horizon: importance |
Undecided |
Wishlist |
|
| 2016-02-18 06:05:12 |
OpenStack Infra |
horizon: status |
Invalid |
In Progress |
|
| 2016-02-18 06:05:12 |
OpenStack Infra |
horizon: assignee |
|
zhaozhilong (zhaozhilong) |
|
| 2016-02-18 06:17:40 |
zhaozhilong |
horizon: status |
In Progress |
Invalid |
|
| 2016-02-18 06:17:42 |
zhaozhilong |
horizon: assignee |
zhaozhilong (zhaozhilong) |
|
|
| 2016-02-18 07:16:00 |
OpenStack Infra |
horizon: status |
Invalid |
In Progress |
|
| 2016-02-18 07:16:00 |
OpenStack Infra |
horizon: assignee |
|
zhaozhilong (zhaozhilong) |
|
| 2016-02-19 05:26:59 |
zhaozhilong |
horizon: assignee |
zhaozhilong (zhaozhilong) |
|
|
| 2019-05-15 08:59:31 |
Akihiro Motoki |
horizon: status |
In Progress |
Invalid |
|
| 2019-05-15 08:59:37 |
Akihiro Motoki |
horizon: importance |
Wishlist |
Undecided |
|
