Security Issue: Users with an admin role are able to list and manipulate apps belonging to other tenants.
Bug #1454838 reported by
Murali Allada
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Solum |
Fix Released
|
Undecided
|
Murali Allada | ||
Bug Description
Users with an admin role are able to list and manipulate apps belonging to other tenants.
Users, even admins, should be allowed access to apps that belong to the same tenant as the user.
We need to introduce a global admin for use by customer service, devops and devs for troubleshooting end user apps. This follows Heats model of using a single tenant created specifically for accessing apps belonging to all tenants.
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix proposed to solum (master) | #1 |
| Changed in solum: | |
| status: | New → In Progress |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to solum (master) | #2 |
| Changed in solum: | |
| status: | In Progress → Fix Committed |
| Changed in solum: | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
Fix proposed to branch: master
Review: https:/