69f801c349
Currently the ACL to public Swift images is '.r:*'. This means that anonymous users who have not authenticated may be able to access the data of a public Swift image when multi-tenant mode is enabled. Change to use the cross-tenant '*:*' ACL which requires an authenticated user for access. Note: This does not address authenticated users being able to download public image data directly from Swift (potentially bypassing Glance's 'download_image' policy). Change-Id: I1fa3297908ca4be517419e9460f056a09aa98ef0 Addresses: OSSN 0025 (https://review.openstack.org/#/c/117928/) Closes-bug: #1354512 |
||
---|---|---|
doc/source | ||
glance_store | ||
tests | ||
tools | ||
.gitignore | ||
.gitreview | ||
.testr.conf | ||
LICENSE | ||
README.rst | ||
babel.cfg | ||
openstack-common.conf | ||
requirements.txt | ||
run_tests.sh | ||
setup.cfg | ||
setup.py | ||
test-requirements.txt | ||
tox.ini |
README.rst
Glance Store Library
Glance's stores library