Re: [openstack-dev] [neutron] No concept for user "owner" of a neutron port... security issue?

2015-03-13 Thread Kevin Benton
Things in Neutron are restricted at the tenant level. Nothing pays
attention to the user ID (other than maybe a custom policy.json entry). If
you have two users that aren't trusted together, they shouldn't be in the
same tenant.

If we want to change that model, it will definitely require a blueprint
because it would need to be changed for everything rather than just ports.

On Fri, Mar 13, 2015 at 11:48 AM, Paul Ward wrote:

> From what I can tell, neutron ports do not have the concept of an "owner"
> that is a user.  They have "device_owner", which seems to be more for
> things like assigning to a router.
>
> The reason I bring this up is because there seems to be no way to restrict
> the update/delete of a port to only the owner of the nova server it's
> attached to.  You can set the policy file to enforce tenant_id, but that
> would still allow any user in a tenant to delete any OTHER user's neutron
> port in that same tenant.
>
> This actually seems like a security problem to me.  But given it deals
> with a core neutron object, maybe the best way to approach it is with a
> blueprint in Liberty rather than a bug...
>
> Thoughts?
>



-- 
Kevin Benton
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


[openstack-dev] [neutron] No concept for user "owner" of a neutron port... security issue?

2015-03-13 Thread Paul Ward
From what I can tell, neutron ports do not have the concept of an 
"owner" that is a user.  They have "device_owner", which seems to be 
more for things like assigning to a router.


The reason I bring this up is because there seems to be no way to 
restrict the update/delete of a port to only the owner of the nova 
server it's attached to.  You can set the policy file to enforce 
tenant_id, but that would still allow any user in a tenant to delete any 
OTHER user's neutron port in that same tenant.


This actually seems like a security problem to me.  But given it deals 
with a core neutron object, maybe the best way to approach it is with a 
blueprint in Liberty rather than a bug...


Thoughts?


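The two claims in this thread (a tenant_id policy lets any member of the tenant delete any other member's port, and a custom policy.json entry keyed on user_id cannot help because a port carries no user_id attribute) can be run through a small evaluator. The block below is an added example, not code from Neutron, oslo.policy or either poster. It implements only the subset of the policy.json rule grammar the default port rules use ("rule:<name>", "role:<role>", "<key>:%(<attr>)s" joined by "or"/"and", no parentheses), and the policy text, the port record, the user credentials and the rule name delete_port_user_only are all constructed for the example.

```python
"""Added example: why a tenant-scoped Neutron policy cannot distinguish users.

Not Neutron or oslo.policy code.  A minimal evaluator for the subset of the
policy.json rule language used by Neutron's default port rules, so that the
cases discussed in the thread can be run offline.  The policy, the port
record and the credentials are constructed for this example.
"""
import json

# Constructed policy in the shape of Neutron's Kilo-era policy.json.
POLICY_JSON = json.dumps({
    "context_is_admin": "role:admin",
    "admin_or_owner": "rule:context_is_admin or tenant_id:%(tenant_id)s",
    "delete_port": "rule:admin_or_owner",
    # Hypothetical custom entry: require that the caller is the user named
    # on the port.  Ports have no user_id attribute, so it can never match.
    "delete_port_user_only": "rule:context_is_admin or user_id:%(user_id)s",
})

# Constructed port as the API layer would pass it as the policy target:
# it has a tenant_id and a device_owner, but no user_id.
PORT_A = {"id": "port-a", "tenant_id": "tenant-1", "device_owner": "compute:nova"}

# Constructed request credentials (what Neutron calls the context).
ALICE = {"user_id": "alice", "tenant_id": "tenant-1", "roles": ["member"]}
BOB = {"user_id": "bob", "tenant_id": "tenant-1", "roles": ["member"]}
CAROL = {"user_id": "carol", "tenant_id": "tenant-2", "roles": ["member"]}
ADMIN = {"user_id": "root", "tenant_id": "admin", "roles": ["admin"]}
EVERYONE = (ALICE, BOB, CAROL, ADMIN)


def load_rules(text):
    """Parse policy.json text into a name -> rule-expression mapping."""
    return json.loads(text)


def check_generic(kind, value, target, creds):
    """Evaluate one 'kind:value' term the way oslo.policy does for this subset."""
    if kind == "role":
        return value in creds.get("roles", [])
    # "<key>:%(<attr>)s": interpolate the target attribute, compare to creds.
    try:
        expected = value % target
    except KeyError:
        # oslo.policy's GenericCheck yields False, not an error, when the
        # target lacks the attribute the rule interpolates.
        return False
    return str(creds.get(kind)) == expected


def enforce(rules, rule_name, target, creds):
    """Return True if rule_name permits creds to act on target."""
    expr = rules[rule_name]
    # "and" binds tighter than "or", as in oslo.policy; no parentheses here.
    for disjunct in expr.split(" or "):
        ok = True
        for term in disjunct.split(" and "):
            kind, _, value = term.strip().partition(":")
            if kind == "rule":
                ok = enforce(rules, value, target, creds)
            else:
                ok = check_generic(kind, value, target, creds)
            if not ok:
                break
        if ok:
            return True
    return False


def who_can_delete(rule_name, port=PORT_A):
    """Sorted user_ids of the constructed users allowed by rule_name on port."""
    rules = load_rules(POLICY_JSON)
    return sorted(u["user_id"] for u in EVERYONE if enforce(rules, rule_name, port, u))


if __name__ == "__main__":
    # Tenant-scoped rule: every member of tenant-1 plus admin may delete.
    print("delete_port:", who_can_delete("delete_port"))
    # user_id rule against a real port: only admin, because the target has
    # no user_id to compare against.
    print("delete_port_user_only:", who_can_delete("delete_port_user_only"))
    # If ports did carry a user_id (the model change a blueprint would add),
    # the same rule would restrict deletion to that user and admin.
    owned = dict(PORT_A, user_id="alice")  # hypothetical attribute
    print("with user_id on port:", who_can_delete("delete_port_user_only", owned))
```

The middle case is the practical caveat: a rule that interpolates an attribute the target object lacks does not fall back to tenant scope, it simply denies everyone except those admitted by another disjunct, which is why the user-level restriction needs a model change and not just a policy.json edit.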