Open Stack

Nathan,

Happy new year!

Please review the OSSN when you get time.

Thanks,
-Sriram


On Sat, Dec 21, 2013 at 10:03 AM, Sriram Subramanian
<sriram at sriramhere.com>wrote:

> Nate,
>
> The fix won't make it until next release, hence the workaround is
> published as OSSN.
>
>
> On Sat, Dec 21, 2013 at 9:11 AM, Nathanael Burton <
> nathanael.i.burton.work at gmail.com> wrote:
>
>> I might be missing something obvious, but wouldn't making the VNC token
>> from nova-consoleauth a one-time use token solve this problem? I.e. once a
>> user successfully connects to their console with an authorized token it
>> won't work for future connections.  Then the rate-limiting of the Nova API
>> would suffice, which should be presumed to already be in-place and
>> configured.  Does that break other things?
>>
>> Thanks,
>>
>> Nate
>> On Dec 21, 2013 10:57 AM, "Sriram Subramanian" <sriram at sriramhere.com>
>> wrote:
>>
>>> Dear Nathan, Rob, Bryan/ OSSG,
>>>
>>> Sorry for bothering during the holidays. When you get a chance, please
>>> review/ comment on the OSSN:
>>>
>>> https://wiki.openstack.org/wiki/OSSN/1227575
>>> https://bugs.launchpad.net/nova/+bug/1227575
>>>
>>> I wanted to know if links to some rate-limiting frameworks such as
>>> Repose would help. I am not sure if we can link 3rd party tools in OSSNs.
>>>
>>> Happy Holidays!
>>>
>>> Thanks,
>>> -Sriram
>>>
>>> _______________________________________________
>>> Openstack-security mailing list
>>> Openstack-security at lists.openstack.org
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security
>>>
>>>
>
>
> --
> Thanks,
> -Sriram
>



-- 
Thanks,
-Sriram
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-security/attachments/20140102/4eba3490/attachment.html>