I'm using Havana + Ubuntu 12.04.3 + KVM.
On 23 December 2013 12:51, Gary Kotton <gkot...@vmware.com> wrote: > Hi, > Which driver are you using? For the Vmware driver we found an edge case > where this may happen - please see > https://bugs.launchpad.net/nova/+bug/1255609 and the fix for this is > (https://review.openstack.org/#/c/58994/). > Thanks > Gary > > > On 12/23/13 3:16 PM, "Jay Pipes" <jaypi...@gmail.com> wrote: > > >On 12/22/2013 12:37 PM, Martinx - ジェームズ wrote: > >> Stackers! > >> > >> I need a bit help here... > >> > >> My OpenStack Havana (Ubuntu 12.04.3) was working smoothly and, I don't > >> know what had happened here but, now, I'm seeing some weird problems. > >> > >> Right now, the "Tenant A" is seeing the VNC Consoles of "Tenant B" !!! > >> > >> How is that even possible?! There is no authentication here to deal with > >> this kind of things!? I'm really worried about this. > >> > >> Look: > >> > >> "Tenant A" Instances: > >> > >> Inline images 1 > >> > >> > >> "Tenant A" accessing the VNC Console of a "Tenant B" Instance!!! > >> > >> Inline images 2 > >> > >> > >> This is a very serious problem, since I'm giving to the "Tenant A", > >> almost total access to "Tenant B" Instances!! This kind of situation > >> should NEVER occur! > >> > >> What can I do to completely block this? > >> > >> I just started a new Instance for "Tenant A", and I'm seeing ANOTHER VNC > >> Console from "Tenant B"!! > > > >Thiago, yes, this is indeed a major security breach. If you have not > >already, please create a bug in Launchpad with your image attachments > >and a description to reproduce the bug if you can. Please mark the bug > >as a security/private bug. > > > >Thank you! > >-jay > > > > > >_______________________________________________ > >Mailing list: > > > https://urldefense.proofpoint.com/v1/url?u=http://lists.openstack.org/cgi- > >bin/mailman/listinfo/openstack&k=oIvRg1%2BdGAgOoM1BIlLLqw%3D%3D%0A&r=eH0px > >TUZo8NPZyF6hgoMQu%2BfDtysg45MkPhCZFxPEq8%3D%0A&m=9zlG7EzeXdrgbFxbGhS%2Bh8h > >4d0crA1SrR3PuTcIvYVY%3D%0A&s=671911c8510352d2b56807e0170038b46dd1491a8b274 > >7f0e17231a0eb333da0 > >Post to : openstack@lists.openstack.org > >Unsubscribe : > > > https://urldefense.proofpoint.com/v1/url?u=http://lists.openstack.org/cgi- > >bin/mailman/listinfo/openstack&k=oIvRg1%2BdGAgOoM1BIlLLqw%3D%3D%0A&r=eH0px > >TUZo8NPZyF6hgoMQu%2BfDtysg45MkPhCZFxPEq8%3D%0A&m=9zlG7EzeXdrgbFxbGhS%2Bh8h > >4d0crA1SrR3PuTcIvYVY%3D%0A&s=671911c8510352d2b56807e0170038b46dd1491a8b274 > >7f0e17231a0eb333da0 > > > _______________________________________________ > Mailing list: > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : openstack@lists.openstack.org > Unsubscribe : > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
