hey Nate, thanks for the very detailed description, it helped =) On Mon, Apr 22, 2019 at 4:04 PM Nate Johnston <nate.johnston@redhat.com> wrote: <snip>
The Concern ----------------------- The concern raised - and what I hope to get the API SIG's guidance on - is whether this raises any kind of security concern. I don't think it will. Since we are comparing equivalence of the user supplied attribute to the default, the end result of a request permitted by this proposal should always be the same as a request where the user did not supply that argument. But your wisdom would be appreciated in validating that assumption.
i have a couple questions. will the user in question's permission be checked either way regardless of how they specify the parameters? this change might give a lower privileged user (eg a user who cannot specify "ha") the ability to sniff around for the defaults, but i'm not sure if that information represents a security risk in this case. are there any defaults that a potential snooper might leverage for nefarious behavior? (only asking because i am not familiar with neutron internals) assuming there is nothing harmful that could be leaked from the defaults, your reasoning is sound to me. these parameters will take the defaults either way, the only thing that seems to be different is that as a user i might not immediately know which specific parameters i have access to change. peace o/