Comment 35 for bug 1324592

Tristan Cacqueray (tristan-cacqueray) wrote: Re: Trust scope can be circumvented by chaining trusts

@Dolph thanks for the clarification!

I put 2014.1.1 as an affected version because with the pre-OSSA process, this won't get in time for this release.

Here is the impact description draft #2:

Title: Keystone privilege escalation through trust chained delegation
Reporter: Steven Hardy (RedHat)
Products: Keystone
Versions: up to 2013.2.3, and 2014.1.1

Description:
Steven Hardy from RedHat reported a vulnerability in Keystone chained delegation. By creating a delegation from a trust or OAuth token, a trustee may abuse the identity impersonation against Keystone and circumvent the enforced scope, resulting in potential elevated privileges to any of the trustor's projects and/or roles. Note that trust support is enabled by default since Grizzly and can only be manually disabled through Keystone configuration. All Keystone setups are affected.