[Bug 1422046] Re: cinder backup-list is always listing all tenants's bug for admin
Jeremy Stanley
fungi at yuggoth.org
Mon Nov 9 19:02:09 UTC 2015
While I agree there is a non-negligible risk presented by this behavior,
I don't see how a malicious actor could use this flaw to their
advantage. As such, it doesn't seem like something for which the
OpenStack Vulnerability Management Team would issue an official security
advisory.
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to python-cinderclient in Ubuntu.
https://bugs.launchpad.net/bugs/1422046
Title:
cinder backup-list is always listing all tenants's bug for admin
Status in OpenStack Dashboard (Horizon):
New
Status in ospurge:
Fix Committed
Status in OpenStack Security Advisory:
Incomplete
Status in python-cinderclient:
Fix Released
Status in python-cinderclient package in Ubuntu:
Confirmed
Bug description:
cinder backup-list doesn't support '--all-tenants' argument for admin
wright now. This lead to admin always getting all tenants's backups.
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1422046/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list