[Openstack-security] [Bug 1175193] Re: Instance actions history is unbounded
Sean Dague
sean at dague.net
Thu Sep 18 23:42:56 UTC 2014
It's not really clear that anyone is actually seeing this thing, and
there seems to be no interest in fixing it. So it's a pretty theoretical
bug right now.
** Changed in: nova
Importance: Medium => Wishlist
** Changed in: nova
Status: Confirmed => Opinion
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1175193
Title:
Instance actions history is unbounded
Status in OpenStack Compute (Nova):
Opinion
Bug description:
Grizzly included a new feature to keep a history of actions performed
on an instance. The history kept in the database is unbounded. As a
result, a malicious user could perform actions in a loop and cause the
database to grow without bounds. Some of the quicker actions that
could be used to exploit this are pause, unpause, or change password.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1175193/+subscriptions
More information about the Openstack-security
mailing list