Security Guide - Networking services - Incorrect Information
Bug #1455926 reported by
N Dillon
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Security Guide Documentation |
Fix Released
|
Critical
|
Rahul U Nair |
Bug Description
From: https:/
"I believe the assertion is that Neutron's flat networking implementation does not provide layer 2 filtering guarantees between tenants on the same broadcast domain, unlike Nova's"
This section in the security guide is incorrect, and is giving security assurance where there is none.
-------
Built: 2015-05-16T15:34:41 00:00
git SHA: c42cf46862483b5
URL: http://
Changed in openstack-manuals: | |
assignee: | nobody → deng.zhengyi (deng-zhengyi) |
assignee: | deng.zhengyi (deng-zhengyi) → nobody |
Changed in openstack-manuals: | |
assignee: | nobody → Ammar Raza (ammar-reza) |
Changed in openstack-manuals: | |
assignee: | Ammar Raza (ammar-reza) → nobody |
Changed in openstack-manuals: | |
assignee: | nobody → Ron De Rose (ronald-de-rose) |
Changed in openstack-manuals: | |
assignee: | Ron De Rose (ronald-de-rose) → nobody |
information type: | Public → Public Security |
Changed in openstack-manuals: | |
assignee: | nobody → Manjeet Singh Bhatia (manjeet-s-bhatia) |
Changed in openstack-manuals: | |
assignee: | Manjeet Singh Bhatia (manjeet-s-bhatia) → nobody |
Changed in openstack-manuals: | |
assignee: | nobody → Ruchika (ruchika) |
Changed in openstack-manuals: | |
assignee: | Ruchika (ruchika) → nobody |
Changed in openstack-manuals: | |
assignee: | Edgar Magana (emagana) → Gaoxiao Zhu (zhugaoxiao) |
assignee: | Gaoxiao Zhu (zhugaoxiao) → nobody |
affects: | openstack-manuals → ossp-security-documentation |
Changed in ossp-security-documentation: | |
assignee: | nobody → Rahul U Nair (rahulunair) |
To post a comment you must log in.
So to confirm - Two tenants on the same broadcasting domain, on layer 2, don't have filtering guarantees with the neutron services without the new patch described in bug 1274034 (https:/ /bugs.launchpad .net/neutron/ +bug/1274034). Their is potential for man in the middle attacks in it's current description of security. The docs need the information on setting up filtering and separation in multi-tenant platforms?