Comment 45 for bug 1274034
Revision history for this message
| George Shuklin (george-shuklin) wrote | #45 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
I consider broken antispoofing as a serious flaw, because it allows to interrupt activity of innocent tenants by malicious activity of the unprivileged tenant.
If you insist that it is 'not a security issue, just imperfect design', ok, ok. But don't get upset if this bug will be used by competitors to demonstrate how neglected security issues are in Openstack.
Two versions of Openstack had been released with known security bug And after bugfix was finally released it was not ported to currently supported versions.
Nice work!