For Glance, I think capping the size of images is a good strengthening measure that should definitely be implemented. I just fail to be convinced that this closes a vulnerability: IMHO it falls in normal usage (yes, you can fill Glance and Swift space if you want to, but should be billed for it). Maybe that's just me, though :)
It's another story for Nova, which should not be DoSed because Glance lets people do weird things. It should implement its own capping/protection IMHO. The x-image-meta-location is even more convenient to exploit for fun and profit, this is a vulnerability and it should be fixed.
I'd really like to hear others opinions. Russell, Steve, Vish ?
For Glance, I think capping the size of images is a good strengthening measure that should definitely be implemented. I just fail to be convinced that this closes a vulnerability: IMHO it falls in normal usage (yes, you can fill Glance and Swift space if you want to, but should be billed for it). Maybe that's just me, though :)
It's another story for Nova, which should not be DoSed because Glance lets people do weird things. It should implement its own capping/protection IMHO. The x-image- meta-location is even more convenient to exploit for fun and profit, this is a vulnerability and it should be fixed.
I'd really like to hear others opinions. Russell, Steve, Vish ?