cbaf22e85d
A vulnerability was detected in Cinder that could allow users to access other people's volumes. The solution was to limit some of the operations on attached volumes to only OpenStack services. This patch adds some negative tests to check that a user cannot directly call Cinder to detach a volume, force detach it, terminate its connection, or delete its attachment. Depends-On: I612905a1bf4a1706cce913c0d8a6df7a240d599a Related-Bug: #2004555 Change-Id: Ice6532ce7943e9a9363e443515946865541d09c2
6 lines
128 B
YAML
6 lines
128 B
YAML
---
|
|
features:
|
|
- |
|
|
Add delete_attachment to the v3 AttachmentsClient and terminate_connection
|
|
to the v3 VolumesClient.
|