© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
It looks like this patch only enforces role name constraints on the keystone client. Is there any enforcement on the server-side as well, where it is probably most important?
Seems like could be a serious vulnerability if people were using role names to key off of.