[Openstack-security] [Bug 1823104] Re: CellMappingPayload in select_destinations versioned notification sends sensitive database_connection and transport_url information
OpenStack Infra
1823104 at bugs.launchpad.net
Thu Apr 4 14:47:11 UTC 2019
Fix proposed to branch: stable/stein
Review: https://review.openstack.org/650043
** Changed in: nova/stein
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of OpenStack
Security SIG, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1823104
Title:
CellMappingPayload in select_destinations versioned notification sends
sensitive database_connection and transport_url information
Status in OpenStack Compute (nova):
In Progress
Status in OpenStack Compute (nova) stein series:
In Progress
Bug description:
As of this change in Stein:
https://review.openstack.org/#/c/508506/28/nova/notifications/objects/request_spec.py@334
Which is not yet officially released, but is in the 19.0.0.0rc1, the
select_destinations versioned notification payload during a move
operation (resize, cold/live migrate, unshelve, evacuate) will send
the cell database_connection URL and MQ transport_url information
which contains credentials to connect directly to the cell DB and MQ,
which even though notifications are meant to be internal within
openstack services, seems like a pretty bad idea. IOW, just because
it's internal to openstack doesn't mean nova needs to give ceilometer
the keys to it's cell databases.
There seems to be no justification in the change for *why* this
information was needed in the notification payload, it seemed to be
added simply for completeness.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1823104/+subscriptions
More information about the Openstack-security
mailing list