PowerVM config drive path is not secure
Bug #1771538 reported by Andrey Volkov
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
OpenStack Compute (nova) | Fix Released | Medium | Matthew Edmonds |
nova-powervm | Fix Released | Undecided | Unassigned |
Bug Description
This report is based on the Bandit scanner results and code review.
    _VOPT_SIZE_GB = 1
    _VOPT_TMPDIR = '/tmp/cfgdrv/'
We have a hardcoded tmp dir that could be cleaned up after a compute node reboot.
As mentioned in the TODO, it might be good to use a conf option.
2)
On https:/
A predictable file name based on user input is used:
    file_name = pvm_util.
        instance.name, prefix='cfg_', suffix='.iso',
        max_len=
Probably we could use instance.uuid for that.
tags: added: powervm
Changed in nova: importance: Undecided → Medium
https://security.openstack.org/guidelines/dg_using-temporary-files-securely.html
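The two points in the report (a fixed directory under /tmp and a file name derived from user input) are shown here next to a hardened variant. This is an added Python example, not nova-powervm code: the function names, the scratch-directory setup and the sample UUID are constructed for illustration, and only the `cfg_` prefix and `.iso` suffix come from the report.

```python
# Added illustration; names and sample values are constructed, not from nova-powervm.
import os
import stat
import tempfile
import uuid


def insecure_iso_path(instance_name, tmpdir):
    """Pattern from the report: fixed directory plus a name built from user input."""
    os.makedirs(tmpdir, exist_ok=True)
    return os.path.join(tmpdir, 'cfg_%s.iso' % instance_name)


def secure_iso_file(instance_uuid, base_dir=None):
    """Create the ISO in a fresh private directory, refusing any pre-existing path."""
    name = 'cfg_%s.iso' % uuid.UUID(instance_uuid).hex  # raises on non-UUID input
    workdir = tempfile.mkdtemp(prefix='cfgdrv_', dir=base_dir)  # random name, 0700
    path = os.path.join(workdir, name)
    # O_EXCL fails if the path exists; O_NOFOLLOW refuses a symlink where available.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, 'O_NOFOLLOW', 0)
    fd = os.open(path, flags, 0o600)
    return fd, path


def demo():
    """Compare both patterns inside a scratch directory standing in for /tmp."""
    shared = tempfile.mkdtemp()
    other_file = os.path.join(shared, 'other.txt')
    with open(other_file, 'w') as f:
        f.write('original')
    # Constructed condition: the predictable name already exists as a symlink.
    cfgdir = os.path.join(shared, 'cfgdrv')
    os.makedirs(cfgdir)
    os.symlink(other_file, os.path.join(cfgdir, 'cfg_web01.iso'))

    with open(insecure_iso_path('web01', cfgdir), 'w') as f:  # follows the link
        f.write('iso-bytes')
    with open(other_file) as f:
        overwritten = f.read() == 'iso-bytes'

    fd, path = secure_iso_file('6f1c2a0e-0b7d-4c57-9a53-2d1f0c9e8b11', shared)
    os.write(fd, b'iso-bytes')
    os.close(fd)
    dir_mode = stat.S_IMODE(os.stat(os.path.dirname(path)).st_mode)
    file_mode = stat.S_IMODE(os.stat(path).st_mode)
    return overwritten, dir_mode, file_mode, os.path.islink(path)
```

`demo()` returns whether the unrelated file was overwritten through the predictable name, followed by the directory mode, the file mode and whether the hardened path is a symlink.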