Comment 67 for bug 2004555

Gorka Eguileor (gorka) wrote : Re: [ussuri] Wrong volume attachment - volumes overlapping when connected through iscsi on host

Hi Nick,

I like your vulnerability details, though there are a couple of small comments I'd like to make:

- "user could gain control of volumes" ==> It's more like they can gain read/write access to the volumes, but not control, because they cannot delete the volumes, take snapshots, etc.

- "the scope of exposed images" ==> This may be misleading, because when I hear the word "images" in the context of OpenStack I think of Glance images, not Cinder volumes.

- I feel like we are singling out Pure as the only affected FCP driver just because that's the one I could get my hands on. Maybe we can rephrase it:
  - Drivers using FCP will be affected unless the array sends the "Power-on Reset" SCSI Sense code when mapping the volume. In our limited testing only a 3PAR array sent it, but this doesn't mean that all 3PARs will do so.

Cheers,
Gorka.