Mercurial Mercurial > upstream > oracle > userland-gate / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
21936091 problem in SERVICE/GLANCE
authorDanek Duvall <danek.duvall@oracle.com>
Mon, 19 Oct 2015 16:07:51 -0700
changeset 4991 dba45c643059
parent 4990 ce7a7efc042b
child 4994 ed928e1888f8
21936091 problem in SERVICE/GLANCE
components/openstack/glance/files/glance-api.conf file | annotate | diff | comparison | revisions 
--- a/components/openstack/glance/files/glance-api.conf	Mon Oct 19 13:13:17 2015 -0700
+++ b/components/openstack/glance/files/glance-api.conf	Mon Oct 19 16:07:51 2015 -0700
@@ -184,6 +184,9 @@
 #sqlalchemy_debug = True
 
 # Pass the user's token through for API requests to the registry.
+# WARNING: DO NOT CHANGE THIS VALUE.  Setting use_user_token to False
+# allows for unintended privilege escalation within the Glance API server.
+# See https://wiki.openstack.org/wiki/OSSN/OSSN-0060
 # Default: True
 #use_user_token = True
upstream/oracle/userland-gate