Keystone "scoped tokens" imply better security isolation than is actually implemented
Bug #1341816 reported by
Robert Clark
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Security Notes |
Fix Released
|
High
|
Robert Clark |
Bug Description
Scoped tokens are not endpoint bound, not matching user expectations.
A fix is in flight but won't be complete for some time and it may be useful to have an OSSN to provide guidance on the issue.
Consult with Nathan Kinder for more information.
Changed in ossn: | |
status: | New → In Progress |
importance: | Undecided → High |
Changed in ossn: | |
assignee: | Priti Desai (priti-desai) → nobody |
status: | In Progress → New |
Changed in ossn: | |
assignee: | nobody → Robert Clark (robert-clark) |
To post a comment you must log in.
I will take it up. Nathan, lets have a discussion on this. Thanks !!!