Re: [ovirt-devel] [proposal] deprecate VDSM ping in favor of ping2 and confirmConnectivity
On Mon, Aug 7, 2017 at 5:26 PM, Roy Golan <rgolan(a)redhat.com> wrote:
Still someone could call conirmConnectivity, no? so the state
isn't
guarded from localhost tinkering anyhow. If you really need a solution you
can acuire a token for this operation by setupNetworks, and confirm
connectivity with this token passed back.
At this stage, the problem is not focus on security. If the usage is wrong
it will indeed break things, attacking that will require some more advance
means (but I am not sure we need it in a close system).
I'm not sure about the severity of the problem here, I'll let
other reply,
but I'm against this kind of solution.
On Mon, 7 Aug 2017 at 15:32 Petr Horacek <phoracek(a)redhat.com> wrote:
> Hello,
>
> current VDSM ping verb has a problem - it confirms network
> connectivity as a side-effect. After Engine calls setupNetwork it
> pings VDSM host to confirm that external network connectivity is not
> broken. This prohibits other users to call ping from localhost since
> it would confirm connectivity even though networking could be broken.
>
> In order to fix this problem ping should be split to ping2 (which just
> returns Success with no side-effect) and confirmConnectivity. Change
> on VDSM side was introduced in [1], we still need to expose new verbs
> in Engine.
>
> Regards,
> Petr
>
> [1] https://gerrit.ovirt.org/#/c/80119/
> _______________________________________________
> Devel mailing list
> Devel(a)ovirt.org
> http://lists.ovirt.org/mailman/listinfo/devel
>
_______________________________________________
Devel mailing list
Devel(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/devel
Attachments:
- attachment.html (text/html — 2.9 KB)