[one-users] users can see other VMs, security concern ?

Zeeshan Ali Shah zashah at pdc.kth.se
Fri Feb 25 06:26:25 PST 2011


did you tried it ?  is it using oca or econe to talk to one ?   develop 
in ruby ?


Zeeshan

On 02/25/2011 03:08 PM, Danny Sternkopf wrote:
> Not official, but it is has been added to the trunk since a couple of 
> days.
>
> On 2011-02-25 16:06, Zeeshan Ali Shah wrote:
>> i think sunstone  is not release yet  ?  how to get source of it .. it
>> only shows screenshot here.
>>
>> http://blog.opennebula.org/?p=1344
>> On 02/25/2011 03:01 PM, Danny Sternkopf wrote:
>>> Yep, it is definately a major security risk.
>>> The sunstone WebGUI has a user limited view in contrast.
>>>
>>>
>>> On 2011-02-25 15:58, Zeeshan Ali Shah wrote:
>>>> wow, i think user can see each other VM , definately they cannot 
>>>> delete
>>>> them , but they can even look into  other vms with onevm show..
>>>>
>>>> is it normal ?   also user can see onehost list and onevnet show.
>>>>
>>>> which is bit issue as user can poke into infrastructure.
>>>>
>>>> with User i mean , normal user you create with oneuser create command
>>>>
>>>> do these concern a security risk ?
>>>>
>>>
>>
>>
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org


-- 
Regards

Zeeshan Ali Shah
System Administrator
PDC-Center for High Performance Computing
KTH-Royal Institute of Technology , Sweden
+46 8 790 9115




More information about the Users mailing list