Things in Neutron are restricted at the tenant level. Nothing pays attention to the user ID (other than maybe a custom policy.json entry). If you have two users that aren't trusted together, they shouldn't be in the same tenant.
If we want to change that model, it will definitely require a blueprint because it would need to be changed for everything rather than just ports.

On Fri, Mar 13, 2015 at 11:48 AM, Paul Ward <wpw...@linux.vnet.ibm.com> wrote:

> From what I can tell, neutron ports do not have the concept of an "owner" that is a user. They have "device_owner", which seems to be more for things like assigning to a router.
>
> The reason I bring this up is because there seems to be no way to restrict the update/delete of a port to only the owner of the nova server it's attached to. You can set the policy file to enforce tenant_id, but that would still allow any user in a tenant to delete any OTHER user's neutron port in that same tenant.
>
> This actually seems like a security problem to me. But given it deals with a core neutron object, maybe the best way to approach it is with a blueprint in Liberty rather than a bug...
>
> Thoughts?
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

-- 
Kevin Benton
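Added example, not part of the thread and not the policy file Neutron ships: a minimal policy.json fragment showing what "enforce tenant_id" on port updates and deletes looks like. The rule names (context_is_admin, admin_or_owner, update_port, delete_port) and the tenant_id:%(tenant_id)s check are the standard Neutron/oslo.policy forms; the shipped file carries more entries per operation, and this fragment trims them to the ownership check only.

```json
{
    "context_is_admin": "role:admin",
    "admin_or_owner": "rule:context_is_admin or tenant_id:%(tenant_id)s",

    "update_port": "rule:admin_or_owner",
    "delete_port": "rule:admin_or_owner"
}
```

The right-hand side of tenant_id:%(tenant_id)s is filled in from the target port, and the left-hand side is compared against the caller's credentials. Because the port carries a tenant_id but no user-level owner attribute, the tightest ownership rule this file can express for ports is tenant scope: every user who holds a token for that tenant satisfies it, which is the gap the thread describes. Putting mutually untrusted users in separate tenants is the mitigation available without a model change.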