Comment 34 for bug 1282865
Revision history for this message
| Brant Knudson (blk-u) wrote Re: Keystone middleware may confuse contexts (CVE-2014-0105) | #34 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0f7b58d
(Get the code!)
I think we need to come to an agreement on the approach to take, and then we can implement it. I think the approach to take is to both:
a) change auth_token to fail if it's configured for memcached and it's running in eventlet and 'thread' isn't monkey-patched.
b) eventlet servers that use auth_token are changed to monkey-patch eventlet 'thread' in addition to their other monkey-patching.