OpenStack Security Notes

In the event of an account compromise, users should check the trusts issued in Keystone

Bug #1341849 reported by Robert Clark
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Security Notes
Fix Released
High
Stanislaw Pitucha

Bug Description

Trusts can be used to persist access to a compromised users account.

Followup with Travis McPeak.

Revision history for this message
Stanislaw Pitucha (stanislaw-pitucha) wrote :

I'll write something up for this one.

Changed in ossn:
assignee: nobody → Stanislaw Pitucha (stanislaw-pitucha)
Robert Clark (robert-clark)
Changed in ossn:
status: New → In Progress
importance: Undecided → High
Robert Clark (robert-clark)
Changed in ossn:
status: In Progress → Fix Released
Revision history for this message
Robert Clark (robert-clark) wrote :

OSSN Issued some time ago, well done Stan!
https://wiki.openstack.org/wiki/OSSN/OSSN-0021

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.