openstack-ansible

  1. Series icehouse
  2. Bug #1400966
  3. Comment #7

Comment 7 for bug 1400966

Revision history for this message
Hemanth Makkapati (hemanth-makkapati) wrote : Re: Glance allows users to download and delete any file in glance-api server

I haven't taken a closer look at this but my guess is that this behavior is down to filesystem store. Glance creates filesystem store for the location 'file:///' and fetches/deletes the images using this store. However, the fielsystem store isn't enforcing whether or not a given image location falls within the path where the images are usually stored. This path is indicated by 'filesystem_store_datadir' config option. At the following locations in filesystem store, it just looks for whether or not a given image location exists. If it exists, read/delete is performed accordingly.

https://github.com/openstack/glance_store/blob/master/glance_store/_drivers/filesystem.py#L331
https://github.com/openstack/glance_store/blob/master/glance_store/_drivers/filesystem.py#L414

For a quick fix, we can add a check to ensure that image location MUST fall under the path indicated by 'filesystem_store_datadir'. Only then a read/delete operation may be perfomed.

This assessment maybe completely off, please do correct me in that case. I shall take a closer look at this soon-ish.