[one-users] users can see other VMs, security concern ?
Danny Sternkopf
danny.sternkopf at csc.fi
Fri Feb 25 06:01:57 PST 2011
Yep, it is definately a major security risk.
The sunstone WebGUI has a user limited view in contrast.
On 2011-02-25 15:58, Zeeshan Ali Shah wrote:
> wow, i think user can see each other VM , definately they cannot delete
> them , but they can even look into other vms with onevm show..
>
> is it normal ? also user can see onehost list and onevnet show.
>
> which is bit issue as user can poke into infrastructure.
>
> with User i mean , normal user you create with oneuser create command
>
> do these concern a security risk ?
>
--
Danny Sternkopf, Systems Specialist, Computing Environments
P.O.Box 405, 02101 Espoo, Finland
tel +358 9 457 2003, fax +358 9 457 2302
Mobile +358 50 381 8569, e-mail danny.sternkopf at csc.fi
CSC - IT center for science, http://www.csc.fi
More information about the Users
mailing list