Instance actions history is unbounded
Bug #1175193 reported by
Russell Bryant
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Opinion
|
Wishlist
|
Unassigned |
Bug Description
Grizzly included a new feature to keep a history of actions performed on an instance. The history kept in the database is unbounded. As a result, a malicious user could perform actions in a loop and cause the database to grow without bounds. Some of the quicker actions that could be used to exploit this are pause, unpause, or change password.
Changed in nova: | |
assignee: | nobody → Andrew Laski (alaski) |
To post a comment you must log in.
I'm a bit reluctant to consider linear database growth due to normal usage a "vulnerability", but I guess if there is a quick and free action out there it could be easily exploited... Opinions ?