trust redelegation allows trustee to create a trust (with impersonation set to true) from a redelegated trust (with impersonation set to false)
Bug #1539766 reported by
Jorge Munoz
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Medium
|
Mikhail Nikolaenko |
Bug Description
When creating a redelegated trust in keystone and the original trust did not allow impersonation, the redelegated trust should not be allowed to create a new trust with impersonation set to true.
Changed in keystone: | |
assignee: | nobody → Jorge Munoz (jorge-munoz) |
Changed in keystone: | |
milestone: | none → mitaka-3 |
importance: | Undecided → High |
summary: |
- Keystone’s trust redelegation allows trustee user to create a trust with - impersonation from redelegated trust that did not allow impersonation. + trust redelegation allows trustee to create a trust (with impersonation + set to true) from a redelegated trust (with impersonation set to false) |
tags: | added: trusts |
Changed in keystone: | |
assignee: | nobody → Ron De Rose (ronald-de-rose) |
Changed in keystone: | |
milestone: | none → newton-2 |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/276474
Review: https:/