[Openstack-security] [openstack/nova-specs] SecurityImpact review request change Id2304adeb9490a630e1979bb70037ad8a2656d73
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Mon Apr 10 14:59:15 UTC 2017
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/357151
Log:
commit 79a1152bfc37dedc777f5568c9663b4d40268007
Author: Peter Hamilton <peter.hamilton at jhuapl.edu>
Date: Wed Mar 22 17:16:26 2017 -0400
Add support for certificate validation
This spec describes changes that would allow Nova to perform
certificate validation when verifying Glance image signatures.
While image signing ensures that image data is obtained
unmodified from Glance, it does not prevent an attacker from
uploading and signing a malicious image. The addition of
Nova API changes allows Nova users to control the certificates
which are allowed to sign images.
This spec describes work related to image verification. For
more information, see: https://review.openstack.org/#/c/343654
APIImpact
DocImpact
SecurityImpact
Change-Id: Id2304adeb9490a630e1979bb70037ad8a2656d73
More information about the Openstack-security
mailing list