After having a chat with Hemanth, I'd like to pull back that previous statement about opening this bug. There is an attack vector that has not been discussed openly. If an admin has deactivated an image due to malicious content/behavior, that image can be put back to queued and activated without approval.
This would allow booting new VMs from that potentially malicious image. So let's keep this closed for now.