Change in ovirt-engine[master]: packaging: setup: export iso domain to engine only
sbonazzo at redhat.com
sbonazzo at redhat.com
Mon May 12 11:48:41 UTC 2014
Sandro Bonazzola has submitted this change and it was merged.
Change subject: packaging: setup: export iso domain to engine only
......................................................................
packaging: setup: export iso domain to engine only
Since Ia35aaf42cb46247a2a02df1c2418f4613ad6b965 we ask the user for the
ACL to use when exporting the iso domain. We kept the default to be the
same as the old behavior - export read-write to the entire network.
This is a security risk, potentially allowing unauthorized changes to
iso images.
This change makes the iso domain accessible by default to the engine's
machine only.
Change-Id: I504d608896277d66b7c8adfe6e7f45ea00255fb8
Signed-off-by: Yedidyah Bar David <didi at redhat.com>
---
M packaging/setup/ovirt_engine_setup/constants.py
M packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/config/iso_domain.py
2 files changed, 13 insertions(+), 3 deletions(-)
Approvals:
Sandro Bonazzola: Looks good to me, approved
Yedidyah Bar David: Verified
--
To view, visit http://gerrit.ovirt.org/23450
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I504d608896277d66b7c8adfe6e7f45ea00255fb8
Gerrit-PatchSet: 4
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Yedidyah Bar David <didi at redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alonbl at redhat.com>
Gerrit-Reviewer: Itamar Heim <iheim at redhat.com>
Gerrit-Reviewer: Ofer Schreiber <oschreib at redhat.com>
Gerrit-Reviewer: Sandro Bonazzola <sbonazzo at redhat.com>
Gerrit-Reviewer: Yedidyah Bar David <didi at redhat.com>
Gerrit-Reviewer: automation at ovirt.org
Gerrit-Reviewer: oVirt Jenkins CI Server
More information about the Engine-commits
mailing list