Project

General

Profile

Actions
Copy link

Bug #48555

closed

pybind/ceph_volume_client: allows authorize on auth_ids not created through ceph_volume_client

Added by Patrick Donnelly over 3 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Kotresh Hiremath Ravishankar
Category:
-
Target version:
Ceph - v16.0.0
% Done:

0%

Source:
Community (dev)
Tags:
Backport:
octopus,nautilus,luminous
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Component(FS):
VolumeClient
Labels (FS):
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Related issues 3 (0 open3 closed)

Copied to CephFS - Backport #48637: octopus: pybind/ceph_volume_client: allows authorize on auth_ids not created through ceph_volume_clientResolvedPatrick DonnellyActions
Copied to CephFS - Backport #48638: nautilus: pybind/ceph_volume_client: allows authorize on auth_ids not created through ceph_volume_clientResolvedPatrick DonnellyActions
Copied to CephFS - Backport #48639: luminous: pybind/ceph_volume_client: allows authorize on auth_ids not created through ceph_volume_clientResolvedPatrick DonnellyActions
Actions
Copy link
 #2

Updated by Patrick Donnelly over 3 years ago

  • Status changed from Fix Under Review to Resolved

Backports done manually.

Actions
Copy link
 #3

Updated by Patrick Donnelly over 3 years ago

  • Status changed from Resolved to Pending Backport
Actions
Copy link
 #4

Updated by Patrick Donnelly over 3 years ago

  • Private changed from Yes to No
Actions
Copy link
 #5

Updated by Patrick Donnelly over 3 years ago 

commit c6121e48ecb7224e5addf4b5fdeb64907a8d8683 upstream/heads/master
Merge: 9838e03b012 aa4beb3d993
Author: Patrick Donnelly <pdonnell@redhat.com>
Date:   Wed Dec 16 08:19:21 2020 -0800

    Merge branch 'CVE-2020-27781' into master

    * CVE-2020-27781:
      tasks/cephfs/test_volume_client: Add tests for authorize/deauthorize
      pybind/ceph_volume_client: Optionally authorize existing auth-ids
      pybind/ceph_volume_client: Preserve existing caps while authorize/deauthorize auth-id
      pybind/ceph_volume_client: Disallow authorize auth_id
Actions
Copy link
 #6

Updated by Backport Bot over 3 years ago

  • Copied to Backport #48637: octopus: pybind/ceph_volume_client: allows authorize on auth_ids not created through ceph_volume_client added
Actions
Copy link
 #7

Updated by Backport Bot over 3 years ago

  • Copied to Backport #48638: nautilus: pybind/ceph_volume_client: allows authorize on auth_ids not created through ceph_volume_client added
Actions
Copy link
 #8

Updated by Patrick Donnelly over 3 years ago

  • Backport changed from octopus,nautilus to octopus,nautilus,luminous
Actions
Copy link
 #9

Updated by Backport Bot over 3 years ago

  • Copied to Backport #48639: luminous: pybind/ceph_volume_client: allows authorize on auth_ids not created through ceph_volume_client added
Actions
Copy link
 #10

Updated by Nathan Cutler over 3 years ago

  • Status changed from Pending Backport to Resolved

While running with --resolve-parent, the script "backport-create-issue" noticed that all backports of this issue are in status "Resolved" or "Rejected".

Actions
Copy link

Also available in: Atom PDF