settingsLogin | Registersettings

[openstack-dev] [api-wg][glance] call for comments on Glance spec for Queens

0 votes

Hello API WG,

I've got a patch up for a proposal to fix OSSN-0075 by introducing a
new policy. There are concerns that this will introduce an
interoperability problem in that an API call that works in one
OpenStack cloud may not work in other OpenStack clouds. As author of
the spec, I think this is an OK trade-off to fix the security issue,
but not all members of the Glance community agree, so we're trying to
get some wider perspective. We'd appreciate it if some API-WG members
could take a look and leave a comment:

https://review.openstack.org/#/c/468179/

If you could respond by Tuesday 3 October, that would give us time to
get this worked out before the spec freeze (6 October).

thanks,
brian


OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
asked Sep 29, 2017 in openstack-dev by rosmaita.fossdev_at_ (4,180 points)   1 2 2

2 Responses

0 votes

On Fri, Sep 29, 2017 at 3:08 AM, Brian Rosmaita rosmaita.fossdev@gmail.com
wrote:

Hello API WG,

I've got a patch up for a proposal to fix OSSN-0075 by introducing a
new policy. There are concerns that this will introduce an
interoperability problem in that an API call that works in one
OpenStack cloud may not work in other OpenStack clouds. As author of
the spec, I think this is an OK trade-off to fix the security issue,
but not all members of the Glance community agree, so we're trying to
get some wider perspective. We'd appreciate it if some API-WG members
could take a look and leave a comment:

https://review.openstack.org/#/c/468179/

If you could respond by Tuesday 3 October, that would give us time to
get this worked out before the spec freeze (6 October).

thanks,
brian

+1 for efforts to take this forward and find a resolution, from a security
standpoint it would be good to see this solved.

Luke


OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request@lists.openstack.org?subject:unsubscrib


OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
responded Sep 29, 2017 by Luke_Hinds (1,500 points)   1
0 votes

Thank you Brian!
+1 for solving this, I left my comments in review.

On Fri, Sep 29, 2017 at 12:00 PM, Luke Hinds lhinds@redhat.com wrote:

On Fri, Sep 29, 2017 at 3:08 AM, Brian Rosmaita <
rosmaita.fossdev@gmail.com> wrote:

Hello API WG,

I've got a patch up for a proposal to fix OSSN-0075 by introducing a
new policy. There are concerns that this will introduce an
interoperability problem in that an API call that works in one
OpenStack cloud may not work in other OpenStack clouds. As author of
the spec, I think this is an OK trade-off to fix the security issue,
but not all members of the Glance community agree, so we're trying to
get some wider perspective. We'd appreciate it if some API-WG members
could take a look and leave a comment:

https://review.openstack.org/#/c/468179/

If you could respond by Tuesday 3 October, that would give us time to
get this worked out before the spec freeze (6 October).

thanks,
brian

+1 for efforts to take this forward and find a resolution, from a security
standpoint it would be good to see this solved.

Luke


OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request@lists.openstack.org?subject:unsubscrib


OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

--
Adam Heczko
Security Engineer @ Mirantis Inc.


OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
responded Sep 29, 2017 by Adam_Heczko (1,860 points)   1
...