<div dir="ltr">I'm using Havana + Ubuntu 12.04.3 + KVM.<div class="gmail_extra"><br><br><div class="gmail_quote">On 23 December 2013 12:51, Gary Kotton <span dir="ltr"><<a href="mailto:gkotton@vmware.com" target="_blank">gkotton@vmware.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br>
Which driver are you using? For the Vmware driver we found an edge case<br>
where this may happen - please see<br>
<a href="https://bugs.launchpad.net/nova/+bug/1255609" target="_blank">https://bugs.launchpad.net/nova/+bug/1255609</a> and the fix for this is<br>
(<a href="https://review.openstack.org/#/c/58994/" target="_blank">https://review.openstack.org/#/c/58994/</a>).<br>
Thanks<br>
Gary<br>
<div><div><br>
<br>
On 12/23/13 3:16 PM, "Jay Pipes" <<a href="mailto:jaypipes@gmail.com" target="_blank">jaypipes@gmail.com</a>> wrote:<br>
<br>
>On 12/22/2013 12:37 PM, Martinx - �$B%8%'!<%`%:�(B wrote:<br>
>> Stackers!<br>
>><br>
>> I need a bit help here...<br>
>><br>
>> My OpenStack Havana (Ubuntu 12.04.3) was working smoothly and, I don't<br>
>> know what had happened here but, now, I'm seeing some weird problems.<br>
>><br>
>> Right now, the "Tenant A" is seeing the VNC Consoles of "Tenant B" !!!<br>
>><br>
>> How is that even possible?! There is no authentication here to deal with<br>
>> this kind of things!? I'm really worried about this.<br>
>><br>
>> Look:<br>
>><br>
>> "Tenant A" Instances:<br>
>><br>
>> Inline images 1<br>
>><br>
>><br>
>> "Tenant A" accessing the VNC Console of a "Tenant B" Instance!!!<br>
>><br>
>> Inline images 2<br>
>><br>
>><br>
>> This is a very serious problem, since I'm giving to the "Tenant A",<br>
>> almost total access to "Tenant B" Instances!! This kind of situation<br>
>> should NEVER occur!<br>
>><br>
>> What can I do to completely block this?<br>
>><br>
>> I just started a new Instance for "Tenant A", and I'm seeing ANOTHER VNC<br>
>> Console from "Tenant B"!!<br>
><br>
>Thiago, yes, this is indeed a major security breach. If you have not<br>
>already, please create a bug in Launchpad with your image attachments<br>
>and a description to reproduce the bug if you can. Please mark the bug<br>
>as a security/private bug.<br>
><br>
>Thank you!<br>
>-jay<br>
><br>
><br>
>_______________________________________________<br>
>Mailing list:<br>
</div></div>><a href="https://urldefense.proofpoint.com/v1/url?u=http://lists.openstack.org/cgi-" target="_blank">https://urldefense.proofpoint.com/v1/url?u=http://lists.openstack.org/cgi-</a><br>
>bin/mailman/listinfo/openstack&k=oIvRg1%2BdGAgOoM1BIlLLqw%3D%3D%0A&r=eH0px<br>
>TUZo8NPZyF6hgoMQu%2BfDtysg45MkPhCZFxPEq8%3D%0A&m=9zlG7EzeXdrgbFxbGhS%2Bh8h<br>
>4d0crA1SrR3PuTcIvYVY%3D%0A&s=671911c8510352d2b56807e0170038b46dd1491a8b274<br>
>7f0e17231a0eb333da0<br>
>Post to : <a href="mailto:openstack@lists.openstack.org" target="_blank">openstack@lists.openstack.org</a><br>
>Unsubscribe :<br>
><a href="https://urldefense.proofpoint.com/v1/url?u=http://lists.openstack.org/cgi-" target="_blank">https://urldefense.proofpoint.com/v1/url?u=http://lists.openstack.org/cgi-</a><br>
>bin/mailman/listinfo/openstack&k=oIvRg1%2BdGAgOoM1BIlLLqw%3D%3D%0A&r=eH0px<br>
>TUZo8NPZyF6hgoMQu%2BfDtysg45MkPhCZFxPEq8%3D%0A&m=9zlG7EzeXdrgbFxbGhS%2Bh8h<br>
>4d0crA1SrR3PuTcIvYVY%3D%0A&s=671911c8510352d2b56807e0170038b46dd1491a8b274<br>
>7f0e17231a0eb333da0<br>
<div><div><br>
<br>
_______________________________________________<br>
Mailing list: <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br>
Post to : <a href="mailto:openstack@lists.openstack.org" target="_blank">openstack@lists.openstack.org</a><br>
Unsubscribe : <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br>
</div></div></blockquote></div><br></div></div>