User gets access to VNC console of an instance of another tenant
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
OpenStack Compute (nova) | Confirmed | High | Rohan | |
Essex | Confirmed | High | Rohan | |
Folsom | Confirmed | High | Rohan | |
Bug Description
A user is able to access the VNC console of an instance of another tenant in the following scenario:
1. User(U1) of Tenant(T1) creates an instance(I1), which uses port 5900 for VNC.
2. User(U1) gets the URL for accessing his instance's(I1) VNC console.
3. User(U1) terminates his VM (libvirt frees port 5900).
4. User(U2) of Tenant(T2) creates an instance(I2), which also gets free port 5900 for VNC.
5. Now, User(U1) attempts to access his instance's(I1) VNC console using his URL (from Step 2).
Expected result: User(U1) should not be able to access VNC Console and should see "Failed to connect to server (code: 1006)".
Actual result: User(U1) is able to access VNC Console of instance(I2) of User(U2), belonging to Tenant(T2), as it runs on the same VNC port of the same compute host.
This issue is reproducible within the token time-to-live of 600 seconds (default).
Changed in nova:
assignee: Unmesh Gurjar (unmesh-gurjar) → Rohan (kanaderohan)
Gerrit review: https://review.openstack.org/#/c/13828/ addresses the issue (for Nova's memorycache implementation).
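The scenario from the bug description, modelled as an added example (not Nova's code and not the content of the Gerrit change): a console token that only records host and port keeps working after the port is reused, while a token bound to the instance is refused. The class, method names and the two mitigations shown are assumptions chosen for illustration; only the port 5900 and the 600-second TTL come from the report.

```python
import secrets

TOKEN_TTL = 600  # seconds; the default token time-to-live stated in the report


class ConsoleTokenStore:
    """Toy console-auth token cache (hypothetical model, not Nova's API)."""

    def __init__(self, bind_to_instance):
        self.bind_to_instance = bind_to_instance
        self.tokens = {}      # token -> (instance_id, host, port, expiry)
        self.port_owner = {}  # (host, port) -> instance currently on that port

    def boot(self, instance_id, host, port):
        self.port_owner[(host, port)] = instance_id

    def terminate(self, instance_id, host, port):
        self.port_owner.pop((host, port), None)
        if self.bind_to_instance:
            # Mitigation 1: drop every token issued for the deleted instance.
            self.tokens = {t: v for t, v in self.tokens.items()
                           if v[0] != instance_id}

    def authorize(self, instance_id, host, port, now):
        token = secrets.token_urlsafe(16)
        self.tokens[token] = (instance_id, host, port, now + TOKEN_TTL)
        return token

    def connect(self, token, now):
        """Return the instance the proxy would attach to, or None if refused."""
        entry = self.tokens.get(token)
        if entry is None or now >= entry[3]:
            return None
        instance_id, host, port, _ = entry
        owner = self.port_owner.get((host, port))
        if self.bind_to_instance and owner != instance_id:
            # Mitigation 2: the port now belongs to a different instance.
            return None
        return owner


def replay_report_scenario(bind_to_instance):
    """Steps 1-5 of the report with constructed ids; returns the console reached."""
    store = ConsoleTokenStore(bind_to_instance)
    store.boot("I1", "compute1", 5900)                            # step 1
    url_token = store.authorize("I1", "compute1", 5900, now=0)    # step 2
    store.terminate("I1", "compute1", 5900)                       # step 3
    store.boot("I2", "compute1", 5900)                            # step 4
    return store.connect(url_token, now=120)                      # step 5
```

`replay_report_scenario(False)` reaches I2's console, matching the actual result in the report; `replay_report_scenario(True)` returns `None`, matching the expected result.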