[Openstack-security] [Bug 1367238] Re: IBM NAS cinder driver sets 'rw' permissions to all during volume create operation, which is security issue
Thierry Carrez
thierry.carrez+lp at gmail.com
Fri Sep 19 13:50:57 UTC 2014
** Tags added: security
** Information type changed from Public Security to Public
** Changed in: ossa
Status: Incomplete => Won't Fix
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1367238
Title:
IBM NAS cinder driver sets 'rw' permissions to all during volume
create operation, which is security issue
Status in Cinder:
Fix Committed
Status in OpenStack Security Advisories:
Won't Fix
Bug description:
IBM NAS cinder driver sets 'rw' permissions to all during volume create operation from a volume snapshot or from an existing volume (volume clone operation).
This is not required as 'rw' permissions to the user only should be sufficient.
This also helps resolve the security issue setting 'rw' permissions to all.
To manage notifications about this bug go to:
https://bugs.launchpad.net/cinder/+bug/1367238/+subscriptions
More information about the Openstack-security
mailing list