[Openstack-security] [Bug 1118066] Re: Possible to get and update quotas for nonexistant tenant
Phil Day
1118066 at bugs.launchpad.net
Wed Jan 22 09:16:50 UTC 2014
Goes beyond the scope of the specific bug here, but IMO the real fix for
this kind of issue is that quota limits should be managed in Keystone
(and passed to Nova and other services as part of the context) , and
enforced in the service.
Project and User IDs are really just foreign keys to Nova, it shouldn't
be managing properties of them.
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1118066
Title:
Possible to get and update quotas for nonexistant tenant
Status in OpenStack Compute (Nova):
Confirmed
Bug description:
GET /v2/:tenant/os-quota-sets/:this_tenant_does_not_exist
returns 200 with the default quotas.
Moreover
POST /v2/:tenant/os-quota-sets/:this_tenant_does_not_exist
with updated quotas succeeds and that metadata is saved!
I'm not sure if this is a bug or not. I cannot find any documentation
on this interface.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1118066/+subscriptions
More information about the Openstack-security
mailing list