On Fri, Dec 13, 2013 at 11:32:01AM -0800, Fox, Kevin M wrote: > I hadn't thought about that use case, but that does sound like it > would be a problem.
That, at least, is not much of a problem, because you can block access to the metadata via a blackhole route or similar after you complete your initial configuration: ip route add blackhole 169.254.169.254 This prevents access to the metadata unless someone already has root access on the instance. -- Lars Kellogg-Stedman <l...@redhat.com> | larsks @ irc Cloud Engineering / OpenStack | " " @ twitter
pgp4mFXCAneZr.pgp
Description: PGP signature
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
