subject:"\[openstack\-dev\] \[api\-wg\]\[glance\] call for comments on Glance spec for Queens"

Re: [openstack-dev] [api-wg][glance] call for comments on Glance spec for Queens

2017-09-29 Thread Adam Heczko

Thank you Brian!
+1 for solving this, I left my comments in review.


On Fri, Sep 29, 2017 at 12:00 PM, Luke Hinds  wrote:

>
>
> On Fri, Sep 29, 2017 at 3:08 AM, Brian Rosmaita <
> rosmaita.foss...@gmail.com> wrote:
>
>> Hello API WG,
>>
>> I've got a patch up for a proposal to fix OSSN-0075 by introducing a
>> new policy.  There are concerns that this will introduce an
>> interoperability problem in that an API call that works in one
>> OpenStack cloud may not work in other OpenStack clouds.  As author of
>> the spec, I think this is an OK trade-off to fix the security issue,
>> but not all members of the Glance community agree, so we're trying to
>> get some wider perspective.  We'd appreciate it if some API-WG members
>> could take a look and leave a comment:
>>
>> https://review.openstack.org/#/c/468179/
>>
>> If you could respond by Tuesday 3 October, that would give us time to
>> get this worked out before the spec freeze (6 October).
>>
>> thanks,
>> brian
>>
>>
> +1 for efforts to take this forward and find a resolution, from a security
> standpoint it would be good to see this solved.
>
> Luke
>
> __
>> OpenStack Development Mailing List (not for usage questions)
>> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscrib
>> 
>>
>
> __
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>


-- 
Adam Heczko
Security Engineer @ Mirantis Inc.
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [api-wg][glance] call for comments on Glance spec for Queens

2017-09-29 Thread Luke Hinds

On Fri, Sep 29, 2017 at 3:08 AM, Brian Rosmaita 
wrote:

> Hello API WG,
>
> I've got a patch up for a proposal to fix OSSN-0075 by introducing a
> new policy.  There are concerns that this will introduce an
> interoperability problem in that an API call that works in one
> OpenStack cloud may not work in other OpenStack clouds.  As author of
> the spec, I think this is an OK trade-off to fix the security issue,
> but not all members of the Glance community agree, so we're trying to
> get some wider perspective.  We'd appreciate it if some API-WG members
> could take a look and leave a comment:
>
> https://review.openstack.org/#/c/468179/
>
> If you could respond by Tuesday 3 October, that would give us time to
> get this worked out before the spec freeze (6 October).
>
> thanks,
> brian
>
>
+1 for efforts to take this forward and find a resolution, from a security
standpoint it would be good to see this solved.

Luke

__
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscrib
> 
>
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

[openstack-dev] [api-wg][glance] call for comments on Glance spec for Queens

2017-09-28 Thread Brian Rosmaita

Hello API WG,

I've got a patch up for a proposal to fix OSSN-0075 by introducing a
new policy.  There are concerns that this will introduce an
interoperability problem in that an API call that works in one
OpenStack cloud may not work in other OpenStack clouds.  As author of
the spec, I think this is an OK trade-off to fix the security issue,
but not all members of the Glance community agree, so we're trying to
get some wider perspective.  We'd appreciate it if some API-WG members
could take a look and leave a comment:

https://review.openstack.org/#/c/468179/

If you could respond by Tuesday 3 October, that would give us time to
get this worked out before the spec freeze (6 October).

thanks,
brian

__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [api-wg][glance] call for comments on Glance spec for Queens

Re: [openstack-dev] [api-wg][glance] call for comments on Glance spec for Queens

[openstack-dev] [api-wg][glance] call for comments on Glance spec for Queens

3 matches

Site Navigation

Mail list logo

Footer information