Skip to content
Browse files

adding documentation warning users of the danger wrt copy propagation…

… and GH-69
  • Loading branch information...
1 parent fe7b3e2 commit 3eccfb1aff342ec29f37d2aadc394fcd69ea603a @buzztroll buzztroll committed Jul 22, 2011
Showing with 21 additions and 0 deletions.
  1. +21 −0 docs/src/admin/reference.html
21 docs/src/admin/reference.html
@@ -178,6 +178,9 @@
<a href="#cpprop-config">Configuration</a>
+ <li>
+ <a href="#cpprop-passthrough">Copy Propagation Pass Through</a>
+ </li>
@@ -2419,6 +2422,24 @@
<pre class="panel">&lt;property name="repoScheme" value="cp" /&gt;</pre>
+<a name="#cpprop-passthrough"> </a>
+<h3>Copy Propagation Pass Through _NAMELINK(cpprop-passthrough)</h3>
+It is possible to use copy propagation as a <i>pass through</i> propagation
+adapter. This means that instead of only being able to boot files in the Cumulus
+repository an administrator can allow users to specify any file on the
+file system to which the VMM node's nimbus user has access.
+<B>WARNING: This should NOT be enabled in most cases due to security
+When using the copy propagation pass through adapter the Cumulus security
+ACL authz protection is entirely bypassed. A user can boot and copy
+any image that the <i>nimbus</i> user can read. This should be used with
+extreme care and only on cloud with nothing but completely trusted users.
<a name="imagecache"> </a>
<h2>Image Cache _NAMELINK(imagecache)</h2>

0 comments on commit 3eccfb1

Please sign in to comment.
Something went wrong with that request. Please try again.