Yep, it is definately a major security risk. The sunstone WebGUI has a user limited view in contrast.
On 2011-02-25 15:58, Zeeshan Ali Shah wrote:
wow, i think user can see each other VM , definately they cannot delete them , but they can even look into other vms with onevm show.. is it normal ? also user can see onehost list and onevnet show. which is bit issue as user can poke into infrastructure. with User i mean , normal user you create with oneuser create command do these concern a security risk ?
-- Danny Sternkopf, Systems Specialist, Computing Environments P.O.Box 405, 02101 Espoo, Finland tel +358 9 457 2003, fax +358 9 457 2302 Mobile +358 50 381 8569, e-mail danny.sternk...@csc.fi CSC - IT center for science, http://www.csc.fi _______________________________________________ Users mailing list Users@lists.opennebula.org http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
