Reviewed: https://review.openstack.org/85823 Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=da66d50010d5b1ba1d7fc9c3d59d81b6c01bb0b0 Submitter: Jenkins Branch: milestone-proposed
commit da66d50010d5b1ba1d7fc9c3d59d81b6c01bb0b0 Author: Salvatore Orlando <salv.orla...@gmail.com> Date: Thu Apr 3 14:54:11 2014 -0700 Require admin context for interfaces on ext network Currently any user can attach an interface to a neutron external network, if the neutron plugin supports the port binding extension. In this case, nova will create neutron ports using the admin client, thus bypassing neutron authZ checks for creating ports on external networks. This patch adds a check in nova to verify the API request has an admin context when a request for an interface is made on a neutron external network. Change-Id: I5fb0bdcbf19eb82746ea3b192c1f65899bfb3c0b Closes-Bug: 1284718 (cherry picked from commit 7d1b4117fda7709307a35e56625cfa7709a6b795) ** Changed in: nova Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/1284718 Title: interface-attach to external network a) works and b) results in undeletable instances To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1284718/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs