yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #05922
[Bug 1238293] Re: Admin for tenant can view ports belonging to other tenants upon executing quantum port-list
The v2 API is well established for over 3 releases now. We should not
change this behavior until we decided it is time to offer a v3 API.
** Changed in: neutron
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1238293
Title:
Admin for tenant can view ports belonging to other tenants upon
executing quantum port-list
Status in OpenStack Neutron (virtual network service):
Won't Fix
Bug description:
Currently, if we create two networks, say net1 and net2, for two different tenants, tenant1 and tenant2 respectively, and add ports to these networks, quantum port-list run by an admin user of tenant1 is able to view ports belonging to tenant2. This is not expected behavior. An admin user of tenant1 should be able to view all ports within that tenant, but not those belonging to another tenant. It looks like quantum isn't correclty using the scope and non-scope tokens that are passed to it, when retrieving port/network info from the quantum database.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1238293/+subscriptions