DaanHoogland commented on issue #4590: URL: https://github.com/apache/cloudstack/issues/4590#issuecomment-766413211
@AthenaXiao this is a community driven project, people that experience problems try to get solutions merged. Static analysis has been showing us bad coding practices but without shown exploit no action will be taken. Usually it turns out we are talking about dead code or code that is isolated and unexposed. As this is an integration system, a lot of support for external systems gets implemented and sometimes not phased out in a timely fashion. We get reports like this from time to time and usualy as a result, but seldom do we feel there is a thread serious enough to take action. As said without exploit nobody will be interested to take action. As for potential attack planes, these are the API en the VR/dnmasq/iptables of routers and other system VMs. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
