← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1771538] [NEW] PowerVM config drive path is not secure

 

Public bug reported:

This report is based on the Bandit scanner results and code review.

1) 
On https://git.openstack.org/cgit/openstack/nova/tree/nova/virt/powervm/media.py?h=refs/heads/master#n44

43 _VOPT_SIZE_GB = 1
44 _VOPT_TMPDIR = '/tmp/cfgdrv/'
45

We have hardcoded tmp dir that could be cleaned up after compute node reboot.
As mentioned in todo it might be good to use conf option.

2) 
On https://git.openstack.org/cgit/openstack/nova/tree/nova/virt/powervm/media.py?h=refs/heads/master#n116
Predictable file name based on a user input is used:
116        file_name = pvm_util.sanitize_file_name_for_api(
117            instance.name, prefix='cfg_', suffix='.iso',
118            max_len=pvm_const.MaxLen.VOPT_NAME)
Probably we could use instance.uuid for that.

** Affects: nova
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1771538

Title:
  PowerVM config drive path is not secure

Status in OpenStack Compute (nova):
  New

Bug description:
  This report is based on the Bandit scanner results and code review.

  1) 
  On https://git.openstack.org/cgit/openstack/nova/tree/nova/virt/powervm/media.py?h=refs/heads/master#n44

  43 _VOPT_SIZE_GB = 1
  44 _VOPT_TMPDIR = '/tmp/cfgdrv/'
  45

  We have hardcoded tmp dir that could be cleaned up after compute node reboot.
  As mentioned in todo it might be good to use conf option.

  2) 
  On https://git.openstack.org/cgit/openstack/nova/tree/nova/virt/powervm/media.py?h=refs/heads/master#n116
  Predictable file name based on a user input is used:
  116        file_name = pvm_util.sanitize_file_name_for_api(
  117            instance.name, prefix='cfg_', suffix='.iso',
  118            max_len=pvm_const.MaxLen.VOPT_NAME)
  Probably we could use instance.uuid for that.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1771538/+subscriptions


Follow ups