Toggling images back from the dead seems like an iffy exploit scenario, since I would expect service providers to delete these in an effort to reclaim space anyway. The surreptitious replacement however, if it's documented that image-to-UUID mapping is immutable, does at least seem like a failing in a security guarantee users might depend on.
Toggling images back from the dead seems like an iffy exploit scenario, since I would expect service providers to delete these in an effort to reclaim space anyway. The surreptitious replacement however, if it's documented that image-to-UUID mapping is immutable, does at least seem like a failing in a security guarantee users might depend on.