Keystone "scoped tokens" imply better security isolation than is actually implemented
Bug #1341816 reported by Robert Clark on 2014-07-14
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
OpenStack Security Notes | | High | Robert Clark | |
Bug Description
Scoped tokens are not endpoint bound, not matching user expectations.
A fix is in flight but won't be complete for some time and it may be useful to have an OSSN to provide guidance on the issue.
Consult with Nathan Kinder for more information.
Robert Clark (robert-clark) on 2014-07-17
Changed in ossn:
status: New → In Progress
importance: Undecided → High
Nathan Kinder (nkinder) wrote (#2):
This note is related to the existing behavior that is described in this write-up:
Priti Desai (priti-desai) wrote (#3):
Potential title: Keystone bearer tokens imply better security isolation than is actually implemented (OSSN-0025)
Nathan Kinder (nkinder) on 2014-10-23
Changed in ossn:
assignee: Priti Desai (priti-desai) → nobody
status: In Progress → New
Robert Clark (robert-clark) on 2014-12-08
Changed in ossn:
assignee: nobody → Robert Clark (robert-clark)
Nathan Kinder (nkinder) wrote (#4):
This has been published as OSSN-0042 to the openstack and openstack-dev mailing lists:
Changed in ossn:
status: New → Fix Released
I will take it up. Nathan, let's have a discussion on this. Thanks!!!