Security Issue: Users with an admin role are able to list and manipulate apps belonging to other tenants.
Bug #1454838 reported by
Murali Allada
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Solum |
Fix Released
|
Undecided
|
Murali Allada |
Bug Description
Users with an admin role are able to list and manipulate apps belonging to other tenants.
Users, even admins, should be allowed access to apps that belong to the same tenant as the user.
We need to introduce a global admin for use by customer service, devops and devs for troubleshooting end user apps. This follows Heats model of using a single tenant created specifically for accessing apps belonging to all tenants.
Changed in solum: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Fix proposed to branch: master /review. openstack. org/182834
Review: https:/