Public bug reported:
Under security groups, when we try to add a new inbound rule using CIDR
it doesn`t validate the input.
example.
0.0.0.0/0 is a rule that will open inbound access to internet. but at
the same time if there is a valid ip e.g. 172.155.0.0/0 then "0" bit
match should not be allowed.
This UI validation is the part of AWS. so even if someone by mistake types the
/0 with valid ip address it will make the rule to open the inbound to entire
internet.
** Affects: horizon
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1717121
Title:
Security group Inbound rule allows ip addresses with /0 option.
Status in OpenStack Dashboard (Horizon):
New
Bug description:
Under security groups, when we try to add a new inbound rule using
CIDR it doesn`t validate the input.
example.
0.0.0.0/0 is a rule that will open inbound access to internet. but at
the same time if there is a valid ip e.g. 172.155.0.0/0 then "0" bit
match should not be allowed.
This UI validation is the part of AWS. so even if someone by mistake types
the /0 with valid ip address it will make the rule to open the inbound to
entire internet.
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1717121/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
