** Changed in: horizon/juno Status: Fix Committed => Fix Released
-- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Dashboard (Horizon). https://bugs.launchpad.net/bugs/1396544 Title: Default `target={}` value leaks into subsequent `policy.check()` calls Status in OpenStack Dashboard (Horizon): Fix Committed Status in OpenStack Dashboard (Horizon) icehouse series: In Progress Status in OpenStack Dashboard (Horizon) juno series: Fix Released Status in OpenStack Security Advisories: Won't Fix Bug description: Due to mutable dictionary being used as the default `target` argument value the first target calculated from scratch in POLICY_CHECK function will be used for all subsequent calls to POLICY_CHECK with 2 arguments. The wrong `target` can either lead to a reduced set of operations on an entity for a given user, or to enlarged one. The latter case poses a security breach from an cloud operators' point of view. To manage notifications about this bug go to: https://bugs.launchpad.net/horizon/+bug/1396544/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp