relation-get allows access to inappropriate settings
Bug #1223339 reported by
William Reade
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Expired
|
Medium
|
Unassigned | ||
juju-core |
Won't Fix
|
Medium
|
Unassigned |
Bug Description
In a relation between mysql/0 and wordpress/0-3, each wordpress unit can see its siblings' relation settings in addition to the mysql unit's relation settings. This channel is unsafe and inappropriate, because there's no way of reacting to changes in those settings, and must be closed.
tags: |
added: hours removed: bitesize |
tags: | added: security |
Changed in juju-core: | |
importance: | High → Medium |
Changed in juju: | |
milestone: | 2.1-rc2 → none |
To post a comment you must log in.
Re-targeting to Juju 2.x