yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1792890] [NEW] The user can delete a security group which is used as remote-group-id

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Adit Sarfaty <asarfaty@xxxxxxxxxx>
Date: Mon, 17 Sep 2018 08:59:29 -0000
Reply-to: Bug 1792890 <1792890@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

A security group which is used as a remotr-group by another security group rule, can be deleted by the user.
This action should be blocked with "security group in use" error.
In the current state, the rule of the other SG is deleted from the DB (because of cascade in the DB table definition).

CLI example:
neutron security-group-create sg1
neutron security-group-create sg2
neutron security-group-rule-create sg1 --remote-group-id sg2
neutron security-group-delete sg2

** Affects: neutron
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1792890

Title:
  The user can delete a security group which is used as remote-group-id

Status in neutron:
  New

Bug description:
  A security group which is used as a remotr-group by another security group rule, can be deleted by the user.
  This action should be blocked with "security group in use" error.
  In the current state, the rule of the other SG is deleted from the DB (because of cascade in the DB table definition).

  CLI example:
  neutron security-group-create sg1
  neutron security-group-create sg2
  neutron security-group-rule-create sg1 --remote-group-id sg2
  neutron security-group-delete sg2

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1792890/+subscriptions