yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #14859
[Bug 1319640] Re: Console to instance persists even after logging out of Horizon
>From a Nova perspective this is not a security issue. When console
access is requested a token is returned as Thierry mentioned and as long
as a valid token is used to access the console it doesn't matter if a
user is logged into Horizon, or if they've reopened the tab.
Essentially authorization is wrapped up in the token returned by Nova,
not Horizon.
There could be a feature request to provide token revocation which
Horizon could use on logout though.
** Changed in: nova
Status: New => Invalid
** Changed in: nova
Importance: Undecided => Wishlist
** Changed in: nova
Status: Invalid => Confirmed
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1319640
Title:
Console to instance persists even after logging out of Horizon
Status in OpenStack Dashboard (Horizon):
Incomplete
Status in OpenStack Compute (Nova):
Confirmed
Status in OpenStack Security Advisories:
Incomplete
Bug description:
Steps to Recreate the bug
1. Log in through Horizon dashboard
2. Create an instance and wait till it is running
3. Console the VM from drop down menu for the instance
4. Open Console on new window.
5. Now log out of the dashboard
6. Scenario 1 : Now you can see that Instance console session still persists
7. Copy the URL of console window.
8. Close the Console window
9. Scenario 2 : Reopen the window (In my case CTRL+SHIFT+T) on the browser - Will get access to the Instance Console.
10. Scenario 3: Pass on the copied URL to other LAN users and ask them to use it - Will get access to the Instance Console
I assume it must have been like,
Session for the console must exit once the console is closed.
Must not allow multiple sessions (Refering to Scenario 3)
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1319640/+subscriptions