Checksum of deactivated image can be modified for 'deactivated' images
Bug #1517963 reported by
Stuart McLaren
This bug report is a duplicate of:
Bug #1517060: Users (without admin privileges) can change ACTIVE_IMMUTABLE properties of their own images when deactivated..
Edit
Remove
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Glance |
Fix Committed
|
Undecided
|
Niall Bunting | ||
Kilo |
Fix Committed
|
Undecided
|
Unassigned |
Bug Description
Similar to bug 1517060 for 'size', the checksum of a deactivated image can be changed via the v1 api.
Changed in glance: | |
assignee: | nobody → Niall Bunting (niall-bunting) |
Changed in glance: | |
status: | New → In Progress |
To post a comment you must log in.
Reviewed: https:/ /review. openstack. org/247532 /git.openstack. org/cgit/ openstack/ glance/ commit/ ?id=fbe964a0f20 b9ab708b85634c3 d707630d403dcd
Committed: https:/
Submitter: Jenkins
Branch: master
commit fbe964a0f20b9ab 708b85634c3d707 630d403dcd
Author: NiallBunting <email address hidden>
Date: Thu Nov 19 14:02:06 2015 +0000
Disallow user modifing ACTIVE_IMMUTABLE of deactivated images
Currently the user can change the ACTIVE_IMMUTABLE properties whilst
the image is 'deactivated'. This should not be the case once an image
has become 'active'.
APIImpact 8ef49568c3cba47 bf0e26dec9d
Change-Id: I744fbce9089300
Closes-Bug: 1517060
Closes-Bug: 1517963