[Bug 1616764] Re: [MIR] python-oslo.privsep
Seth Arnold
1616764 at bugs.launchpad.net
Thu Sep 29 02:34:12 UTC 2016
oslo.privsep doesn't appear to be supported by OpenStack VMT. Note the
missing vulnerability:managed tag:
https://governance.openstack.org/reference/projects/oslo.html#oslo-
privsep
Furthermore, it appears their project configuration doesn't actually
alert anyone to private security issues.
This reinforces my feeling that this might not yet be mature enough for
deployment. Are we sure this is an actual requirement for OpenStack
services? It might eventually be nice but the things I've found so far
-- if confirmed to be bugs -- may require careful redesign of some core
portions of the library.
Thanks
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to python-oslo.privsep in Ubuntu.
https://bugs.launchpad.net/bugs/1616764
Title:
[MIR] python-oslo.privsep
Status in python-oslo.privsep package in Ubuntu:
New
Bug description:
[Availability]
In universe
[Rationale]
New dependency for OpenStack projects
[Security]
No security history
[Quality assurance]
Package builds py2 and py3 modules, unit tests run for both.
[Dependencies]
All in main
[Standards compliance]
OK
[Maintenance]
ubuntu-openstack
[Background information]
This library helps applications perform actions which require more or less privileges than they were started with in a safe, easy to code and easy to use manner. For more information on why this is generally a good idea please read over the principle of least privilege and the specification which created this library. (taken from upstream)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-oslo.privsep/+bug/1616764/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list