Indeed, I agree that there is no risk for a "malicious actor" to use this flow. However there is a confirmed risk that an openstack admin can accidentally delete backups which he should not delete (and it DID happen, sadly...), when the admin is asked to launch scripts (ospurge) used to delete resources of customers who want to remove all their data...
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1422046 Title: cinder backup-list is always listing all tenants's bug for admin To manage notifications about this bug go to: https://bugs.launchpad.net/horizon/+bug/1422046/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
