Note that I'm not a member of the ossg-coresec group, though the proposed security note looks good to me. Perhaps the recommended actions should also mention that image creation can be restricted to administrator only with the glance add_image policy.
Note that I'm not a member of the ossg-coresec group, though the proposed security note looks good to me. Perhaps the recommended actions should also mention that image creation can be restricted to administrator only with the glance add_image policy.