openstack-attic/openstack-security-notes
Code Issues Proposed changes
15 Commits 1 Branch 0 Tags
d342849a4a79607f431c6d3c1879d9ffac4fa23d
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Nathan Kinder d342849a4a Add OSSN-0015 - Glance allows non-admin users to create public images 
This adds OSSN-0015, which covers an issue related to Glance's default
policy allowing all users to publicize images. This can allow a user
to upload a malicious image in an attempt to attack other users.

Related-Bug: 1313746

Change-Id: Ida7519192a5b77730e4fffa7956978252a3d4c1e
2014-05-29 13:28:21 -07:00
notes
Add OSSN-0015 - Glance allows non-admin users to create public images
2014-05-29 13:28:21 -07:00
templates
Modified templates to wrap lines at 72 characters
2014-03-06 18:51:31 -08:00
.gitreview
Add gitreview file
2014-04-01 16:53:46 -07:00
README.md
Add previously published security notes
2014-02-12 21:35:18 -08:00

README.md

OpenStack Security Notes (OSSN)

The OpenStack Security Group (OSSG) publishes Security Notes to advise users of security related issues. Security notes are similar to advisories; they address vulnerabilities in 3rd party tools typically used within OpenStack deployments and provide guidance on common configuration mistakes that can result in an insecure operating environment.

Repository Layout

This repository contains published Security Notes and templates that should be used when creating new Security Notes.

notes - contains Security Notes in e-mail format (see the templates)
templates - contains e-mail and wiki format templates

Useful Links

A list of published Security Notes is available here:

https://wiki.openstack.org/wiki/Security_Notes

The process used to create new Security Notes is available here:

https://wiki.openstack.org/wiki/Security/Security_Note_Process
Description
No description provided
Readme 603 KiB
Languages
Text 100%