*** This bug is a security vulnerability ***

You have been subscribed to a public security bug:

Hi, we are using swift 1.7.4 with keystone auth, and we think we might have found a
bug.
Our proxy-server.conf for keystone is as follows:

[filter:keystoneauth]
use = egg:swift#keystoneauth
operator_roles = admin, swiftoperator
is_admin = true

And every user that has one of the operator_roles roles is able to
directly delete an account, whether or not it has containers/objects.

As far as we understood, only the roles contained in
reseller_admin_role are able to delete accounts, whether or not there is
data in them.

** Affects: keystone
     Importance: Undecided
         Status: Incomplete


** Tags: folsom keystone
-- 
1.7.4 keystone middleware allows operator_roles to delete accounts
https://bugs.launchpad.net/bugs/1177526
You received this bug notification because you are a member of Yahoo! 
Engineering Team, which is subscribed to Keystone.
