You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zookeeper.apache.org by "Edward Ribeiro (JIRA)" <ji...@apache.org> on 2016/09/18 02:04:20 UTC
[jira] [Updated] (ZOOKEEPER-2590) setACL doesn't affect exists()
operation
[ https://issues.apache.org/jira/browse/ZOOKEEPER-2590?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Edward Ribeiro updated ZOOKEEPER-2590:
--------------------------------------
Description:
As hinted [here|https://github.com/apache/zookeeper/blob/master/src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java#L298], even if a parent znode path has restricted READ access it's possible to issue an exists() operation on any child znode of that given path.
For example, the snippet below doesn't throw {{NoAuthExceptio}}, even tough it removes ACL rights to "/":
{code}
zk.create("/a", null, Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT);
ArrayList<ACL> acls = new ArrayList<>();
acls.add(new ACL(0, Ids.ANYONE_ID_UNSAFE));
zk.setACL("/", acls, -1);
Stat r = zk.exists("/a", false);
{code}
Also, in the above example, what if the removed READ access for "/a"? Should we allow a call to exists("/a") to succeed even if it returns the znode metadata info?
was:
As hinted [here|https://github.com/apache/zookeeper/blob/master/src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java#L298], even if a parent znode path has restricted READ access it's possible to issue an exists() operation on any child znode of that given path.
For example, the snippet below doesn't throw {{NoAuthExceptio}}, even tough it removes ACL rights to "/":
{code}
zk.create("/a", null, Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT);
ArrayList<ACL> acls = new ArrayList<>();
acls.add(new ACL(0, Ids.ANYONE_ID_UNSAFE));
zk.setACL("/", acls, -1);
Stat r = zk.exists("/a", false);
{code}
> setACL doesn't affect exists() operation
> ----------------------------------------
>
> Key: ZOOKEEPER-2590
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2590
> Project: ZooKeeper
> Issue Type: Bug
> Reporter: Edward Ribeiro
> Assignee: Edward Ribeiro
> Labels: acl, security
>
> As hinted [here|https://github.com/apache/zookeeper/blob/master/src/java/main/org/apache/zookeeper/server/FinalRequestProcessor.java#L298], even if a parent znode path has restricted READ access it's possible to issue an exists() operation on any child znode of that given path.
> For example, the snippet below doesn't throw {{NoAuthExceptio}}, even tough it removes ACL rights to "/":
> {code}
> zk.create("/a", null, Ids.OPEN_ACL_UNSAFE, CreateMode.PERSISTENT);
> ArrayList<ACL> acls = new ArrayList<>();
> acls.add(new ACL(0, Ids.ANYONE_ID_UNSAFE));
> zk.setACL("/", acls, -1);
> Stat r = zk.exists("/a", false);
> {code}
> Also, in the above example, what if the removed READ access for "/a"? Should we allow a call to exists("/a") to succeed even if it returns the znode metadata info?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)