yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #25821
[Bug 1386932] Re: context.elevated: copy.copy causes admin role leak
** Changed in: neutron
Status: Fix Committed => Fix Released
** Changed in: neutron
Milestone: None => kilo-1
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1386932
Title:
context.elevated: copy.copy causes admin role leak
Status in Cinder:
Fix Released
Status in Manila:
Fix Committed
Status in OpenStack Neutron (virtual network service):
Fix Released
Status in neutron juno series:
Fix Released
Status in OpenStack Compute (Nova):
Fix Committed
Status in OpenStack Security Advisories:
Won't Fix
Bug description:
In neutron/context.py,
```
context = copy.copy(self)
context.is_admin = True
if 'admin' not in [x.lower() for x in context.roles]:
context.roles.append('admin')
```
copy.copy should be replaced by copy.deepcopy such that the list
reference is not shared between objects. From my cursory search on
github this also affects cinder, gantt, nova, neutron, and manila.
To manage notifications about this bug go to:
https://bugs.launchpad.net/cinder/+bug/1386932/+subscriptions