[ovirt-devel] cloud-init metadata service
Sven Kieske
s.kieske at mittwald.de
Wed Mar 1 16:04:15 UTC 2017
On 01/03/17 16:53, Marc Young wrote:
> What feels hacky is that I have so little information about the VM i'm
> running from within that I'd have a hard time crawling the API enough to
> know the information I got was about the VM I'm testing against. Per my
> later email the ID in /var/lib/cloud/data/instance-id is not the same that
> I'd need to hit the REST API to describe
I'm glad that this is this way.
From a security standpoint, this would be an information leak, which
enables third party users from inside the vm to attack the ovirt system.
So if you implement new features in this area, I would be very very careful.
--
Mit freundlichen Grüßen / Regards
Sven Kieske
Systemadministrator
Mittwald CM Service GmbH & Co. KG
Königsberger Straße 6
32339 Espelkamp
T: +495772 293100
F: +495772 293333
https://www.mittwald.de
Geschäftsführer: Robert Meyer
St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen
Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ovirt.org/pipermail/devel/attachments/20170301/92df05b5/attachment.sig>
More information about the Devel
mailing list