[Openstack] Security Breach! Tenant A is seeing the VNC Consoles of Tenant B!
gustavo panizzo <gfa>
gfa at zumbi.com.ar
Thu Jan 16 17:37:01 UTC 2014
no, user is a regular user in only one of the tenants
none of the tenants are called admin, all users, tenants and roles are
stored in ldap in my case
On 01/16/2014 02:32 PM, Remo Mattei wrote:
> Just a quick note, is this user / tenant an admin?
>
> Ciao
> --
> Remo Mattei
>
> ------------------------------------------------------------------------
> Da: gustavo panizzo gustavo panizzo <mailto:gfa at zumbi.com.ar>
> Rispondi: gustavo panizzo gfa at zumbi.com.ar <mailto:gfa at zumbi.com.ar>
> Data: January 16, 2014 at 9:19:47
> A: Martinx - ジェームズ thiagocmartinsc at gmail.com
> <mailto:thiagocmartinsc at gmail.com>
> Oggetto: Re: [Openstack] Security Breach! Tenant A is seeing the VNC
> Consoles of Tenant B!
>> it's happening to us too
>>
>> did you fill a bug? can you share the bug number?
>>
>> thanks
>>
>> On 12/23/2013 07:18 PM, Martinx - ジェームズ wrote:
>>> Okay guys, no problem, I can fill a BUG as I did lots of times
>>> before using Launchpad but, I am unable to reproduce this problem in
>>> a fresh installation, so, how to proceed now?!
>>>
>>> I can give full access to my cloud for the experts but, I don't know
>>> if this is desired or not.
>>>
>>> Tks!
>>> Thiago
>>>
>>>
>>> On 23 December 2013 19:54, Jay Pipes <jaypipes at gmail.com
>>> <mailto:jaypipes at gmail.com>> wrote:
>>>
>>> On 12/23/2013 04:32 PM, Jeffrey Walton wrote:
>>>
>>> > This security breach is happening right now here and I
>>> > don't know what can I do to fix it, or what should I type
>>> > on a BUG at Launchpad...
>>> Ubuntu has made it all but impossible to file bug reports. Their
>>> circular redirects are worse than a telephone menu system
>>> that takes you
>>> down a bunch of dead-end paths. Unless you have the URL
>>> jotted down in a
>>> notebook....
>>>
>>>
>>> It's only impossible if you don't read any directions.
>>>
>>> https://bugs.launchpad.net/nova/+filebug
>>>
>>> -jay
>>>
>>>
>>> _______________________________________________
>>> Mailing list:
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>> Post to : openstack at lists.openstack.org
>>> <mailto:openstack at lists.openstack.org>
>>> Unsubscribe :
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>> Post to : openstack at lists.openstack.org
>>> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>>
>> --
>> 1AE0 322E B8F7 4717 BDEA BF1D 44BB 1BA7 9F6C 6333
>> !DSPAM:1,52d814b3107501772068915!
>> _______________________________________________
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to : openstack at lists.openstack.org
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>>
>> !DSPAM:1,52d814b3107501772068915!
--
1AE0 322E B8F7 4717 BDEA BF1D 44BB 1BA7 9F6C 6333
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140116/2dd95ed3/attachment.html>
More information about the Openstack
mailing list