[api-sig][neutron] Question on oslo policy assertion when supplied attribute equals the default

Michael McCune msm at redhat.com
Mon Apr 22 20:49:38 UTC 2019


hey Nate,

thanks for the very detailed description, it helped =)

On Mon, Apr 22, 2019 at 4:04 PM Nate Johnston <nate.johnston at redhat.com> wrote:
<snip>
> The Concern
> -----------------------
> The concern raised - and what I hope to get the API SIG's guidance on -
> is whether this raises any kind of security concern.  I don't think it
> will.  Since we are comparing equivalence of the user supplied attribute
> to the default, the end result of a request permitted by this proposal
> should always be the same as a request where the user did not supply
> that argument.  But your wisdom would be appreciated in validating that
> assumption.

i have a couple questions.

will the user in question's permission be checked either way
regardless of how they specify the parameters?

this change might give a lower privileged user (eg a user who cannot
specify "ha") the ability to sniff around for the defaults, but i'm
not sure if that information represents a security risk in this case.
are there any defaults that a potential snooper might leverage for
nefarious behavior? (only asking because i am not familiar with
neutron internals)

assuming there is nothing harmful that could be leaked from the
defaults, your reasoning is sound to me. these parameters will take
the defaults either way, the only thing that seems to be different is
that as a user i might not immediately know which specific parameters
i have access to change.

peace o/



More information about the openstack-discuss mailing list