[Openstack-security] [openstack/glance] SecurityImpact review request change I5a6f587086e926a1f7e9b3f1dac9d7e10710d72a
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Thu Jan 21 08:49:58 UTC 2016
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/233622
Log:
commit f07f36fa3789a4997b84639530e5d6ab1c603983
Author: kairat_kushaev <kkushaev at mirantis.com>
Date: Mon Oct 12 15:56:58 2015 +0300
Allow image-list if access to attrs is forbidden
If access to some attributes is forbidden (f.e. get_image_location
policy is set to role:admin and user is not admin) glance should
just exclude these attributes from image-show, image-list output
instead of generating Forbidden exception.
Otherwise, the policies such as get_image_location is not useful.
APIImpact
SecurityImpact
Change-Id: I5a6f587086e926a1f7e9b3f1dac9d7e10710d72a
Closes-bug: #1502136
More information about the Openstack-security
mailing list