[Openstack-security] [Bug 1422046] Re: cinder backup-list is always listing all tenants's bug for admin
Jeremy Stanley
fungi at yuggoth.org
Tue Nov 10 14:40:16 UTC 2015
Correct, we consider that latter case a "security hardening opportunity"
and I'm triaging this report as one now (class D in our taxonomy
https://security.openstack.org/vmt-process.html#incident-report-taxonomy
). Depending on severity and available time from editors in the Security
Team, these sorts of issues sometimes get an OpenStack Security Note
published (OSSN rather than OSSA).
** Changed in: ossa
Status: Incomplete => Won't Fix
** Information type changed from Public Security to Public
** Tags added: security
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1422046
Title:
cinder backup-list is always listing all tenants's bug for admin
Status in OpenStack Dashboard (Horizon):
New
Status in ospurge:
Fix Committed
Status in OpenStack Security Advisory:
Won't Fix
Status in python-cinderclient:
Fix Released
Status in python-cinderclient package in Ubuntu:
Confirmed
Bug description:
cinder backup-list doesn't support '--all-tenants' argument for admin
wright now. This lead to admin always getting all tenants's backups.
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1422046/+subscriptions
More information about the Openstack-security
mailing list