Comment 27 for bug 1242597
Revision history for this message
| Thierry Carrez (ttx) wrote Re: ec2tokens API doesn't handle trust-scoped tokens correctly | #27 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
@Morgan: go for (1)
I should probably add a grizzly-specific note explaining that we took this radical action in the patch.
Something like "Note: the patch for this vulnerability in Grizzly disables the ability to derive ec2 credentials from a trust, as there is no clean way in Grizzly to properly correlate the two." -- Feel free to suggest better wording to add to the description.