Feature #940

Restrict access to unsecure template attributes

Added by Ruben S. Montero over 9 years ago. Updated about 6 years ago.

Status:ClosedStart date:
Priority:NormalDue date:
Assignee:Ruben S. Montero% Done:

100%

Category:Core & System
Target version:Release 3.2 - S0
Resolution:fixed Pull request:

Description

There are some template attributes like CONTEXT/FILES that exposes some vulnerabilities. This issue will restrict access to those attributes, so only the oneadmin group can use them in templates.


Subtasks

Feature #942: Filter out oneadmin paths from imagesClosedRuben S. Montero

Feature #941: Update DocumentationClosedRuben S. Montero

Associated revisions

Revision 03c9e6bc
Added by Ruben S. Montero over 9 years ago

feature #940: Removed security check in tm_context drivers. Added check for restricted attributes to
VirtualMachineTemplate class. VM creation check templates for non-oneadmin users.

Revision b777701c
Added by Ruben S. Montero over 9 years ago

feature #940: NIC/VLAN_ID is also a restricted attribute

Revision b2acd04d
Added by Ruben S. Montero over 9 years ago

feature #940 - #942: oneadmin can specify restricted dirs (those where images can not be copied) and safe dirs (explicit safe dirs).

Revision f454054f
Added by Carlos Martín over 9 years ago

Feature #940: Oneadmin can use any restricted att. no matter his group

Revision 5bd2e8fa
Added by Carlos Martín over 9 years ago

Feature #940: Add restricted attributes for Images

History

#1 Updated by Ruben S. Montero over 9 years ago

  • Status changed from New to Closed
  • Resolution set to fixed

Also available in: Atom PDF