[Openstack-security] [openstack/keystone] SecurityImpact review request change I4cc3fd9e0958c3f7fda83ad696807a7c8f63cecb

gerrit2 at review.openstack.org gerrit2 at review.openstack.org
Wed Apr 12 17:52:36 UTC 2017


Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/401808

Log:
commit 2c0878f6baed78156c841c19b6121f001d2698c9
Author: Adam Young <ayoung at redhat.com>
Date:   Thu Nov 3 20:13:07 2016 -0400

    Route based RBAC Management Interface
    
    A new entity in the Role backend that maps from
    
    VERB + Path  to Role.
    
    I.E. from GET /v2/users to Member
    
    Beyond the backend and CRUD API for Routes
    there is also a Bulk Upload and management API.
    
    No RBAC enforcement is done in this commit, just
    management of the data that will be used in
    Keystone middleware.
    
    blueprint token-verify-role-check
    SecurityImpact
    APIImpact
    
    Co-Authored-By: Kristi Nikolla <knikolla at bu.edu>
    
    Change-Id: I4cc3fd9e0958c3f7fda83ad696807a7c8f63cecb





More information about the Openstack-security mailing list