cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gaurav Aradhye (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CLOUDSTACK-5152) Basic Zone - Security group belonging to a project can be used to deploy VM outside the project (in same account, and also in different account)
Date Wed, 13 Nov 2013 09:25:46 GMT
Gaurav Aradhye created CLOUDSTACK-5152:
------------------------------------------

             Summary: Basic Zone - Security group belonging to a project can be used to deploy
VM outside the project (in same account, and also in different account)
                 Key: CLOUDSTACK-5152
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-5152
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Network Controller
    Affects Versions: 4.3.0
            Reporter: Gaurav Aradhye
             Fix For: 4.3.0


In basic zone,

Create an account and a project in that account.
Create a security group which belongs to this project.
Try to deploy VM using this security group outside the project.

Creation of VM is successful and if you list the virtual machines, in response it will show
the security group in the sec groups list and it will show the account of security group as
the account in which you have deployed the instance (instead it should list the project to
which security group belongs)

This is an issue, security group belonging to a project should not be allowed to be used outside
the project.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Mime
View raw message