On Mon, Mar 17, 2014 at 1:01 PM, IWAMOTO Toshihiro <iwam...@valinux.co.jp>wrote: > > I've added a couple of security-related comments (pickle decoding and > token leak) on the etherpad. > Please check. >
Hello. Thanks for your input. - We can avoid pickle using xmlrpclib. - Token won't leak because we have direct pipe to parent process. I'm in process of implementing it now so thanks for early notice. -- Kind regards, Yuriy.
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
