From: https://review.openstack.org/#/c/309346/
"
I investigated the behaviour of the policy file when various policies
are removed.
A completely empty policy file will return a 403 Forbidden. As the user
will not match with any of the policies.
However, because glance has the policy ``default: ""``. It means that
any policy that is not explicitly stated in the the policy.json, is
by default usable by any member. I think that the ``default`` option
is a potentially bad thing to have in the policy.json file, due to the
ability to give permissions without explicitly stating it.
"
Therefore we should change ``"default": "",`` to ``"default":
"role:admin",``. To make sure that members don't inherit policies that
they shouldn't in the future. From a operators perspective it should be
more secure to have an opt-in rather than opt-out.
Change-Id: I57f9d4791126360079a941c1ff4cb2bbb86298d5
Closes-Bug: 1593177
969309ffae