yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1190675] Re: Grizzly quantum rootwrapper imports quantum code

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Alan Pevec <1190675@xxxxxxxxxxxxxxxxxx>
Date: Thu, 08 Aug 2013 20:05:18 -0000
Reply-to: Bug 1190675 <1190675@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: neutron/grizzly
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1190675

Title:
  Grizzly quantum rootwrapper imports quantum code

Status in OpenStack Neutron (virtual network service):
  Won't Fix
Status in neutron grizzly series:
  Fix Released

Bug description:
  https://review.openstack.org/#/c/13536/

  introduced loading of quantum.utils into rootwrap, which is both slow
  (as it loads a lot of other modules that nobody needs) and a potential
  security issue due to the amount of code being run as root.  While I
  don't know of a way to exploit this I think it is a potential risk.

  I suggest this part to be reverted for the quantum rootwrapper.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1190675/+subscriptions