I just noticed that the unitassigner facade-constructor drops the authorizer on the floor; and I caught a similar case in a review yesterday (that had already been LGTMed by someone else).
Doing that means that *any* API connection can use the thus-unprotected facade -- clients, agents, and malicious code running in a compromised machine and using the agent credentials. I don't think we have any APIs where this is actually a good idea; the best I could say about any such case is that it's not *actively* harmful *right now*. But big exploits are made of little holes; let's make an effort not to open them in the first place.

Moonstone, please fix the unitassigner facade ASAP; everyone else, be told, and keep an extra eye out for this issue in reviews :).

Cheers
William
-- Juju-dev mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju-dev
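
The pattern the message warns about, next to a constructor that checks its caller, as an added Go example (not Juju's code and not part of the original email). `Authorizer`, `AuthController`, `conn`, `ErrPerm`, `Facade` and `Leaks` are hypothetical stand-ins, and the rule that only the controller may use this facade is an assumption made for the demo.

```go
package main

import (
	"errors"
	"fmt"
)

// Authorizer is a hypothetical stand-in for the authorizer passed to a
// facade constructor; it reports what kind of entity owns the connection.
type Authorizer interface{ AuthController() bool }

// conn is a constructed authorizer used as sample input.
type conn struct{ kind string }

func (c conn) AuthController() bool { return c.kind == "controller" }

var ErrPerm = errors.New("permission denied")

type Facade struct{}

// NewFacadeUnchecked shows the bug: the authorizer is accepted and dropped,
// so every authenticated connection gets a working facade.
func NewFacadeUnchecked(_ Authorizer) (*Facade, error) { return &Facade{}, nil }

// NewFacadeChecked refuses callers at construction time. Which callers are
// legitimate is an assumption here (controller only).
func NewFacadeChecked(auth Authorizer) (*Facade, error) {
	if auth == nil || !auth.AuthController() {
		return nil, ErrPerm
	}
	return &Facade{}, nil
}

// Leaks returns the connection kinds other than `allowed` that a constructor
// accepts. A unit test per facade can assert that the result is empty.
func Leaks(newFacade func(Authorizer) (*Facade, error), allowed string) []string {
	var leaked []string
	for _, kind := range []string{"client", "machine-agent", "unit-agent", "controller"} {
		if _, err := newFacade(conn{kind}); err == nil && kind != allowed {
			leaked = append(leaked, kind)
		}
	}
	return leaked
}

func main() {
	fmt.Println("unchecked:", Leaks(NewFacadeUnchecked, "controller"))
	fmt.Println("checked:  ", Leaks(NewFacadeChecked, "controller"))
}
```

A table-driven check like `Leaks` in each facade's test file turns a dropped authorizer into a failing test rather than something a reviewer has to spot.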
