You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@sentry.apache.org by "Gregory Chanan (JIRA)" <ji...@apache.org> on 2014/04/29 00:29:18 UTC

[jira] [Created] (SENTRY-187) Use invariants rather than default for specification of update index level authorization

Gregory Chanan created SENTRY-187:
-------------------------------------

             Summary: Use invariants rather than default for specification of update index level authorization
                 Key: SENTRY-187
                 URL: https://issues.apache.org/jira/browse/SENTRY-187
             Project: Sentry
          Issue Type: Bug
    Affects Versions: 1.3.0
            Reporter: Gregory Chanan
            Assignee: Gregory Chanan
             Fix For: 1.4.0


we use "defaults" rather than "invariants" for our update index authorization checks.  It's possible, if another updateRequestProcessorChain is defined in the solrconfig.xml, that a user could override the default processor chain in order to bypass the update index authorization checks.  There aren't any other updateRequestProcessorChains defined in our generated solrconfig.xml/solrconfig.xml.secure, so this shouldn't be a common issue.



--
This message was sent by Atlassian JIRA
(v6.2#6252)