[Openstack-security] [Bug 1501808] Change abandoned on nova (master)
OpenStack Infra
1501808 at bugs.launchpad.net
Tue Mar 12 13:20:06 UTC 2019
Change abandoned by Matt Riedemann (mriedem.os at gmail.com) on branch: master
Review: https://review.openstack.org/407877
Reason: Duplicate of https://review.openstack.org/#/c/386756/ which was abandoned and I'm going to abandon this also - as noted in that other review, this would be a change in behavior and requires wider discussion.
--
You received this bug notification because you are a member of OpenStack
Security SIG, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1501808
Title:
Enabling soft-deletes opens a DOS on compute hosts
Status in OpenStack Compute (nova):
Opinion
Status in OpenStack Security Advisory:
Won't Fix
Bug description:
If the user sets reclaim_instance_interval to anything other than 0,
then when a user requests an instance delete, it will instead be soft
deleted. Soft delete explicitly releases the user's quota, but does
not release the instance's resources until period task
_reclaim_queued_deletes runs with a period of
reclaim_instance_interval seconds.
A malicious authenticated user can repeatedly create and delete
instances without limit, which will consume resources on the host
without consuming their quota. If done quickly enough, this will
exhaust host resources.
I'm not entirely sure what to suggest in remediation, as this seems to
be a deliberate design. The most obvious fix would be to not release
quota until the instance is reaped, but that would be a significant
change in behaviour.
This is very similar to https://bugs.launchpad.net/bugs/cve/2015-3280
, except that we do it deliberately.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1501808/+subscriptions
More information about the Openstack-security
mailing list