Comment 25 for bug 1242597

Steven Hardy (shardy) wrote : Re: ec2tokens API doesn't handle trust-scoped tokens correctly

@Morgan Fainberg - my vote is for (1), since there may be users of both trusts and ec2tokens on Grizzly (who won't want this hole to be exploitable), but they probably don't care about ec2 credentials derived from a trust (well, they can't, because it doesn't currently work).

AFAIK Heat is the only thing which wants to make use of ec2 credentials derived from a trust ID, which will be possible after this is fixed, and we only care about that functionality from Havana onwards, so (1) wfm and shouldn't impact existing users (whereas the second option will, potentially).