[openstack-dev] [glance][ironic][cinder][nova] 'tar' as an image disk_format
Arun SAG
sagarun at gmail.com
Wed Jan 27 20:46:31 UTC 2016
Hi Flavio,
On Wed, Jan 27, 2016 at 4:50 AM, Flavio Percoco <flavio at redhat.com> wrote:
> [snip]
> However, as a community, I think we should send a clear message and protect our users and, in this case, the best way
> is to avoid adding this format as supported.
>
To address some of the concerns i have added a security impact
statement on the spec
1. Ironic doesn't unpack the OS tarball, it will be unpacked on the
target node in a ramdisk using tar utility. (tar -avxf)
2. The moment you allow an un-trusted OS image to be deployed, the
expected security is None. An advisory
doesn't need to manipulate the extraction of the tarball to gain
access in that case.
3. In docker the vulnerability is high because a vulnerable container
can infect the host system.
4. I understand the concerns with the conversion API's , and they are
valid. Please feel free to not support tar as a conversion target.
--
Arun S A G
http://zer0c00l.in/
More information about the OpenStack-dev
mailing list