Bug #670

Fix to a security vulnerability in context creation

Added by Tino Vázquez about 10 years ago. Updated about 10 years ago.

Status:ClosedStart date:06/07/2011
Priority:NormalDue date:
Assignee:Javi Fontan% Done:

0%

Category:-
Target version:Release 2.2.1
Resolution:fixed Pull request:
Affected Versions:

Description

It allows to retrieve any file accessible by oneadmin in the OCCI/ECONE server.

Associated revisions

Revision 291da996
Added by Javi Fontan almost 10 years ago

bug #670: let the user disable fs copy to context ISO

Revision 17509ee0
Added by Javi Fontan almost 10 years ago

bug #670: let the user disable fs copy to context ISO
(cherry picked from commit 291da9962c726e94dad9505606028fa09ca762d5)

Revision 94b1707c
Added by Javi Fontan almost 10 years ago

bug #670: Disable context security by default

Revision a10dd2f5
Added by Javi Fontan almost 10 years ago

bug #670: Disable context security by default
(cherry picked from commit 94b1707c423a38a8252505d70fdd71ea8c0222e9)

History

#1 Updated by Tino Vázquez about 10 years ago

  • Category set to 11
  • Status changed from New to Closed
  • Assignee set to Javi Fontan
  • Target version set to Release 2.2.1
  • Resolution set to fixed

Fixed in Revision 12c418b3 and Revision 26532c4b.

Also available in: Atom PDF