Comment 2 for bug 1064914
Revision history for this message
| Thierry Carrez (ttx) wrote Re: Able to access ec2 resources with out a user-role | #2 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
513534c
demo site
(Get the code!)
If confirmed, it's in the "extension of validity" class like the ones where you could extend the lifetime of a token. A bit hard to exploit (since you need to be given the role in the first place) but definitely needs to be fixed. I would issue an OSSA on this for the same reason we issued one on the previous token issues.