Comment 18 for bug 1545092

Revision history for this message
Tristan Cacqueray (tristan-cacqueray) wrote :

It's not a big deal since the abuse is obvious and easy to recover (e.g. remove queued image from db). However this is annoying since there are no safe way to let user create images. Perhaps a quota on the number of images a tenant can create would do the trick ?

As for the security impact, I'd like to triage this as a B1 type of bug according to VMT taxonomy ( https://security.openstack.org/vmt-process.html#incident-report-taxonomy ). Like that a Security Note could be issued until a proper patch is proposed.