[openstack-dev] [Neutron] Elevating context to remove subnets created by admin

Armando M. armamig at gmail.com
Fri Jun 3 21:03:49 UTC 2016


On 3 June 2016 at 13:31, Carl Baldwin <carl at ecbaldwin.net> wrote:

> On Fri, Jun 3, 2016 at 2:26 PM, Henry Gessau <HenryG at gessau.net> wrote:
> > Darek Smigiel <smigiel.dariusz at gmail.com> wrote:
> >> strange, that owner is not able to just get rid of *his* network and subnets.
> >
> > But not all the subnets are his, and consequently the network is partially not his.
>
> To me, this is a nonsensical outcome and tells me that subnets
> probably shouldn't really have owners distinct from the network's.
>

This might turn out to be a PEBCAK, as an admin can create a subnet on
behalf of a tenant by specifying his/her tenant id on the request, and that
might as well be the reason why this was never tackled before and we have a
latent loop in the code.

Having said that, I think I lean towards avoiding the ransomware situation where
a tenant cannot delete his/her own resources unless the other tenant frees
up the resource explicitly, but only for situations where the resource is
indeed idle. I would be extra cautious of elevating the context
indiscriminately though.


>
> Carl
>