apiserver authorizers
William Reade
william.reade at canonical.com
Wed Dec 2 09:28:21 UTC 2015
I just noticed that the unitassigner facade-constructor drops the
authorizer on the floor; and I caught a similar case in a review yesterday
(that had already been LGTMed by someone else).
Doing that means that *any* api connection can use the thus-unprotected
facade -- clients, agents, and malicious code running in a compromised
machine and using the agent credentials. I don't think we have any APIs
where this is actually a good idea; the best I could say about any such
case is that it's not *actively* harmful *right now*. But big exploits are
made of little holes, let's make an effort not to open them in the first
place.
Moonstone, please fix the unitassigner facade ASAP; everyone else, be told,
and keep an extra eye out for this issue in reviews :).
Cheers
William
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/juju-dev/attachments/20151202/804d8e5a/attachment.html>
More information about the Juju-dev
mailing list