[Openstack-security] [openstack/nova] SecurityImpact review request change Ibddf3529a219cb9a0c1d4cfdb89327b53454c436
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Fri Jul 3 07:51:15 UTC 2015
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/150710
Log:
commit 4d6a50ab3e61e2ae550973fdcc110eff97847190
Author: ShaoHe Feng <shaohe.feng at intel.com>
Date: Mon Mar 2 22:26:12 2015 +0800
Remove db layer hard-code permission checks for floating_ip_dns
This patches removes db layer hard-code permission checks for
floating_ip_dns.
Partially implements bp nova-api-policy-final-part
SecurityImpact
UpgradeImpact:
Due to the db layer permission checks are removed, we need to add default
policy rule into policy file. In this patch,
"os_compute_api:os-floating-ip-dns:domain:update" and
"os_compute_api:os-floating-ip-dns:domain:delete" were updated with a default
rule. Admin will be notfied to update their policy configure file to keep
the behavior as before.
Change-Id: Ibddf3529a219cb9a0c1d4cfdb89327b53454c436
More information about the Openstack-security
mailing list