Prevent Access rules from being viewed or manipulated by non-owners
Registered by
Goutham Pacha Ravi
Nova will soon have a feature where manila shares can be mounted onto the compute host and made available to client VMs via VirtIOFS [1]. Nova performs this mount on behalf of a user. The user can see the ACLs on the share that nova has mounted. Client identifiers and access secrets are visible in these ACLs - we need a way to prevent this from happening. Alongside, users must also be prevented from deleting this access rule accidentally.
Blueprint information
- Status:
- Not started
- Approver:
- Carlos Eduardo
- Priority:
- Undefined
- Drafter:
- Goutham Pacha Ravi
- Direction:
- Needs approval
- Assignee:
- Goutham Pacha Ravi
- Definition:
- Approved
- Series goal:
- Accepted for bobcat
- Implementation:
-
Unknown
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
Addressed by: https:/
Access rule visibility and deletion restrictions
(?)
