Comment 29 for bug 1482371

Brian Rosmaita (brian-rosmaita) wrote : Re: Image status can be changed by passing header 'x-image-meta-status' with PUT operation using v1

I want to stress the point Hemanth made somewhere above about image activate/deactivate.

In Kilo, Glance added a security feature that allows an admin to "deactivate" an image while a deployer investigates it. (The image still exists, its record is still visible, but Glance will refuse to download the image data, and hence instances can't be booted from it.) An image owner with access to the v1 API can use this exploit to put the image back into active status, which pretty much negates the deactivation security feature.
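One way a deployer could screen for the request described in this comment, as an added example that is not part of the comment and not Glance code: a WSGI filter in front of the v1 API that refuses a PUT carrying `x-image-meta-status` unless the caller is an admin. The class and helper names are hypothetical; it assumes an upstream auth layer (keystonemiddleware does this) sets `X-Roles` and discards any client-supplied copy, and that only admins should be able to set status this way.

```python
# Added illustration; not Glance code. Assumes an auth layer upstream has
# already set X-Roles (as keystonemiddleware does) and stripped any
# client-supplied copy of it.
import re

V1_IMAGE = re.compile(r"^/v1/images/[^/]+/?$")
STATUS_HEADER = "HTTP_X_IMAGE_META_STATUS"  # WSGI form of x-image-meta-status


def is_admin(environ):
    roles = environ.get("HTTP_X_ROLES", "")
    return "admin" in {r.strip().lower() for r in roles.split(",")}


def must_block(environ):
    """True when a non-admin v1 PUT tries to set image status via header."""
    return (
        environ.get("REQUEST_METHOD", "").upper() == "PUT"
        and V1_IMAGE.match(environ.get("PATH_INFO", "")) is not None
        and STATUS_HEADER in environ
        and not is_admin(environ)
    )


class StatusHeaderGuard:
    """WSGI middleware placed in front of the v1 API application."""

    def __init__(self, app):
        self.app = app

    def __call__(self, environ, start_response):
        if must_block(environ):
            body = b"x-image-meta-status may not be set by this caller\n"
            start_response("403 Forbidden", [
                ("Content-Type", "text/plain"),
                ("Content-Length", str(len(body))),
            ])
            return [body]
        return self.app(environ, start_response)


def run(app, environ):
    """Drive a WSGI app with a constructed environ; return (status, body)."""
    seen = {}
    def start_response(status, headers):
        seen["status"] = status
    body = b"".join(app(environ, start_response))
    return seen["status"], body
```
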