Actions
Documentation #57737
openClarify security implications of path-restricted cephx capabilities
Status:
Pending Backport
Priority:
Normal
Assignee:
Category:
Security Model
Target version:
% Done:
0%
Tags:
backport_processed
Backport:
quincy, pacific
Reviewed:
Description
https://docs.ceph.com/en/latest/cephfs/client-auth/#path-restriction suggests that you can restrict clients to a subtree, but it does not discuss restricting their access to the underlying RADOS information, nor mention the standard combination we use to provide more segregation between file data.
Updated by Greg Farnum over 1 year ago
- Backport set to quincy, pacific
- Pull request ID set to 48319
Updated by Venky Shankar over 1 year ago
- Category set to Security Model
- Status changed from New to Pending Backport
- Target version set to v18.0.0
Updated by Backport Bot over 1 year ago
- Copied to Backport #57776: pacific: Clarify security implications of path-restricted cephx capabilities added
Updated by Backport Bot over 1 year ago
- Copied to Backport #57777: quincy: Clarify security implications of path-restricted cephx capabilities added
Actions