Comment 28 for bug 2048114
Revision history for this message
| Takashi Kajinami (kajinamit) wrote Re: OpenStack Murano Component Information Leakage | #28 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
So there a few options I can think of
1. Drop format function
- This breaks existing usage with format function and thus causes user impact
- If you run public cloud with heat enable, you have to tell all of your users to modify their template when you update yaql
2. Make format function optional and let components enable it with understanding its risk
- This but enabling the feature is not feasibly possible with the certain vulnerability exist
3. Add validation in format function to prohibit unsafe usage
- Limiting characters within {} to 0-9a-zA-Z would be the most strict validation I can think of
- Loosing limitation may still leave certain patterns
4. Any other smart way to replace format with keeping the existing base usage
I'm leaning towards 3, with validation which is as much strict as possible (ex. reject "{[0-9a-