weizhouapache commented on pull request #4774: URL: https://github.com/apache/cloudstack/pull/4774#issuecomment-938443164
> I've security concerns about this PR, really haven't seen the code or tested it myself - should this be considered in the milestone so close to the RC - @nvazquez @sureshanaparti ? @rhtyd can you describe it ? in 4.16, there is a globals setting `allow.public.user.templates` . if it is set to true (default value), users are able to create public templates. However, the public templates are visible for all users on the platform. this is my security concern actually, this PR solves the problem by adding a new global setting to determine the public templates are visible to users in the domain or all users. I think it is a good idea. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
