On 07/24/2015 05:10 AM, Thierry Carrez wrote:
Adam Young wrote:
> [...]
> There should be no "Global Admin Tokens." They are a security risk,
> and violate the principle of Least Privilege.
> https://en.wikipedia.org/wiki/Principle_of_least_privilege.
Thanks for taking on this long-standing issue.
Should we have some cross-project spec to
On 07/23/2015 01:11 PM, melanie witt wrote:
On Jul 23, 2015, at 7:35, Adam Young wrote:
> What this means is that if a user is assigned "admin" on any project, they are
> assigned admin for everything.
>
> Fixing this is going to require a change to how we write policy.
>
> Each policy rule needs to have two parts:
>
> 1. Match the sco
If a user has an admin role anywhere, they have it everywhere. This is
bug https://bugs.launchpad.net/keystone/+bug/968696 and, in order to fix
it, we are going to have to adjust our thinking on policy checks.
Here is the theory:
A user is assigned a role on a project. Policy uses the roles ass