You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by "Gregory Chanan (JIRA)" <ji...@apache.org> on 2014/04/29 00:55:15 UTC
[jira] [Commented] (SENTRY-187) Use invariants rather than default
for specification of update index level authorization
[ https://issues.apache.org/jira/browse/SENTRY-187?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13983700#comment-13983700 ]
Gregory Chanan commented on SENTRY-187:
---------------------------------------
Review request: https://reviews.apache.org/r/20813/
> Use invariants rather than default for specification of update index level authorization
> ----------------------------------------------------------------------------------------
>
> Key: SENTRY-187
> URL: https://issues.apache.org/jira/browse/SENTRY-187
> Project: Sentry
> Issue Type: Bug
> Affects Versions: 1.3.0
> Reporter: Gregory Chanan
> Assignee: Gregory Chanan
> Fix For: 1.4.0
>
> Attachments: SENTRY-187.patch
>
>
> we use "defaults" rather than "invariants" for our update index authorization checks. It's possible, if another updateRequestProcessorChain is defined in the solrconfig.xml, that a user could override the default processor chain in order to bypass the update index authorization checks. There aren't any other updateRequestProcessorChains defined in our generated solrconfig.xml/solrconfig.xml.secure, so this shouldn't be a common issue.
--
This message was sent by Atlassian JIRA
(v6.2#6252)