Nux created CLOUDSTACK-1327:
-------------------------------
Summary: Cloudstack allows users to import huge templates from
unauthorised URLs
Key: CLOUDSTACK-1327
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1327
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Components: Management Server, Template
Affects Versions: 4.0.1
Environment: Centos 6 x86_64 kvm hypervisors
Reporter: Nux
Priority: Critical
Because Cloudstack deploys instances as r/w snapshots of the template,
importing a template with, say 1 TB diskspace will give you 1 TB instances...
this will lead to service abuse.
Currently Cloudstack allows regular users to install templates from not allowed
URLs.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
