yahoo-eng-team team mailing list archive
Message #02485
[Bug 1125378] Re: [OSSA-2013-006] VNC proxy can be made to connect to wrong VM
** Summary changed:
- VNC proxy can be made to connect to wrong VM
+ [OSSA-2013-006] VNC proxy can be made to connect to wrong VM
** Also affects: ossa
Importance: Undecided
Status: New
** Changed in: ossa
Status: New => Fix Released
** Changed in: ossa
Assignee: (unassigned) => Russell Bryant (russellb)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1125378
Title:
[OSSA-2013-006] VNC proxy can be made to connect to wrong VM
Status in OpenStack Compute (Nova):
Fix Released
Status in OpenStack Compute (nova) essex series:
Fix Committed
Status in OpenStack Compute (nova) folsom series:
Fix Released
Status in OpenStack Security Advisories:
Fix Released
Bug description:
Suppose a user requests a VNC token and then deletes the VM right
away. As I understand, the token is still valid, not having yet
exceeded the TTL. During this time, if a new VM is spawned on the host
and KVM reuses the port to bind the vncserver, it's possible for the
user to use the old token to get access to this new VM, which could be
owned by someone else.

I have seen this happening in Essex code and was wondering if this is
still the case. The possible solutions are to flush the tokens on VM
delete, hard reboot, etc., or to have a password-protected VNC session.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1125378/+subscriptions
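
Added example, not part of the original notification and not nova's code: a minimal token store showing the "flush the tokens on VM delete" mitigation from the bug description. It goes one step further by also checking at validation time that the port still belongs to the instance the token was issued for. The class, the port_owner callback and all sample values are assumptions made for illustration.

```python
import secrets
import time


class ConsoleTokenStore:
    """Toy store: a token is bound to an instance UUID, not just host:port."""

    def __init__(self, ttl=600, clock=time.monotonic):
        self._ttl = ttl
        self._clock = clock
        self._tokens = {}       # token -> (instance_uuid, host, port, expires_at)
        self._by_instance = {}  # instance_uuid -> set of tokens

    def issue(self, instance_uuid, host, port):
        token = secrets.token_urlsafe(32)
        self._tokens[token] = (instance_uuid, host, port, self._clock() + self._ttl)
        self._by_instance.setdefault(instance_uuid, set()).add(token)
        return token

    def flush_instance(self, instance_uuid):
        """Call on delete, hard reboot, etc.: drop every token for the instance."""
        for token in self._by_instance.pop(instance_uuid, set()):
            self._tokens.pop(token, None)

    def validate(self, token, port_owner):
        """Return (host, port) only for a live token whose instance still owns the port."""
        entry = self._tokens.get(token)
        if entry is None:
            return None
        instance_uuid, host, port, expires_at = entry
        if self._clock() >= expires_at:
            self._tokens.pop(token, None)
            return None
        if port_owner(host, port) != instance_uuid:
            return None  # port was reused by a different VM
        return host, port


def demo():
    # Constructed scenario: "vm-a" is deleted and "vm-b" reuses port 5900.
    ports = {("compute1", 5900): "vm-a"}
    owner = lambda host, port: ports.get((host, port))  # hypothetical lookup
    store = ConsoleTokenStore(ttl=600)
    old = store.issue("vm-a", "compute1", 5900)
    before = store.validate(old, owner)
    ports[("compute1", 5900)] = "vm-b"        # port reused before any flush
    stale = store.validate(old, owner)        # rejected by the owner check
    store.flush_instance("vm-a")              # the flush the report proposes
    return before, stale, old in store._tokens
```

With only a TTL check, the second validate() call would have returned the reused host and port; either the owner check or the flush alone closes that window.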