You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zookeeper.apache.org by "Andor Molnar (JIRA)" <ji...@apache.org> on 2019/02/06 14:41:00 UTC
[jira] [Resolved] (ZOOKEEPER-1392) Should not allow to read ACL
when not authorized to read node
[ https://issues.apache.org/jira/browse/ZOOKEEPER-1392?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andor Molnar resolved ZOOKEEPER-1392.
-------------------------------------
Resolution: Fixed
Fix Version/s: 3.4.14
3.5.5
3.6.0
> Should not allow to read ACL when not authorized to read node
> -------------------------------------------------------------
>
> Key: ZOOKEEPER-1392
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1392
> Project: ZooKeeper
> Issue Type: Bug
> Components: server
> Affects Versions: 3.4.2
> Reporter: Thomas Weise
> Assignee: Bruce Gao
> Priority: Major
> Fix For: 3.6.0, 3.5.5, 3.4.14
>
> Attachments: ZOOKEEPER-1392.patch
>
>
> Not authorized to read, yet still able to list ACL:
> [zk: localhost:2181(CONNECTED) 0] getAcl /sasltest/n4
> 'sasl,'notme@EXAMPLE.COM
> : cdrwa
> [zk: localhost:2181(CONNECTED) 1] get /sasltest/n4
> Exception in thread "main" org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /sasltest/n4
> at org.apache.zookeeper.KeeperException.create(KeeperException.java:113)
> at org.apache.zookeeper.KeeperException.create(KeeperException.java:51)
> at org.apache.zookeeper.ZooKeeper.getData(ZooKeeper.java:1131)
> at org.apache.zookeeper.ZooKeeper.getData(ZooKeeper.java:1160)
> at org.apache.zookeeper.ZooKeeperMain.processZKCmd(ZooKeeperMain.java:711)
> at org.apache.zookeeper.ZooKeeperMain.processCmd(ZooKeeperMain.java:593)
> at org.apache.zookeeper.ZooKeeperMain.executeLine(ZooKeeperMain.java:365)
> at org.apache.zookeeper.ZooKeeperMain.run(ZooKeeperMain.java:323)
> at org.apache.zookeeper.ZooKeeperMain.main(ZooKeeperMain.java:282)
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)