Really nice note Brian. Pretty elaborate and explains almost all details.
A couple of points to consider in this note:
1. Summary
### Summary ###
When Glance has been configured with the "show_multiple_locations" option enabled with default policy for set and delete locations, it is possible for a non-admin user having write access to the image metadata to replace active image data.
2. Public & Community images
These images do not grant write access to the non-owner users of the cloud. Hence, setting an incorrect or malicious locations or manipulations to the image location is not allowed, thus keeping the image location intact and safe for the user.
Really nice note Brian. Pretty elaborate and explains almost all details.
A couple of points to consider in this note:
1. Summary
### Summary ### locations" option enabled with default policy for set and delete locations, it is possible for a non-admin user having write access to the image metadata to replace active image data.
When Glance has been configured with the "show_multiple_
2. Public & Community images
These images do not grant write access to the non-owner users of the cloud. Hence, setting an incorrect or malicious locations or manipulations to the image location is not allowed, thus keeping the image location intact and safe for the user.