Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2021/05/07 14:02:06 UTC

[GitHub] [pulsar] eolivelli opened a new issue #10505: [Functions] Context.getPulsarAdmin() may allow access to data from other tenants

eolivelli opened a new issue #10505:
URL: https://github.com/apache/pulsar/issues/10505


   Recently we introduced on the master branch (2.8.0-SNAPSHOT) a new API Context.getPulsarAdmin() (and getPulsarAdmin(clustername)).
   
   With this API the Function has access to the power of PulsarAdmin, but this is not restricted to the same "tenant" that is running the function.
   
   We must limit the scope of this PulsarAdmin in order to be able to access only the resources of the same tenant.
   
   Please note that this is still not a security issue report because Pulsar 2.8.0 has not been released yet.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



[GitHub] [pulsar] devinbost commented on issue #10505: [Functions] Context.getPulsarAdmin() may allow access to data from other tenants

Posted by GitBox <gi...@apache.org>.
devinbost commented on issue #10505:
URL: https://github.com/apache/pulsar/issues/10505#issuecomment-839539683


   Looping in @merlimat since this is part of a larger discussion around the security of Context in Functions. 





[GitHub] [pulsar] sijie closed issue #10505: [Functions] Context.getPulsarAdmin() may allow access to data from other tenants

Posted by GitBox <gi...@apache.org>.
sijie closed issue #10505:
URL: https://github.com/apache/pulsar/issues/10505


   





[GitHub] [pulsar] eolivelli commented on issue #10505: [Functions] Context.getPulsarAdmin() may allow access to data from other tenants

Posted by GitBox <gi...@apache.org>.
eolivelli commented on issue #10505:
URL: https://github.com/apache/pulsar/issues/10505#issuecomment-834444817


   @freeznet @rdhabalia PTAL





[GitHub] [pulsar] lhotari commented on issue #10505: [Functions] Context.getPulsarAdmin() may allow access to data from other tenants

Posted by GitBox <gi...@apache.org>.
lhotari commented on issue #10505:
URL: https://github.com/apache/pulsar/issues/10505#issuecomment-834427742


   Changes were made in #9246 .





[GitHub] [pulsar] merlimat commented on issue #10505: [Functions] Context.getPulsarAdmin() may allow access to data from other tenants

Posted by GitBox <gi...@apache.org>.
merlimat commented on issue #10505:
URL: https://github.com/apache/pulsar/issues/10505#issuecomment-852254217


   Pulsar client admin is just a wrapper over the REST API. There's not anything that can be done with it that a user wouldn't be able to do by just connecting to the HTTP service and making calls.
   
   The security of the Admin API service is done by ensuring the calls are made with valid credentials authorized to perform the specific operation. Functions/Connector instances will have to be provisioned with these credentials in order to be able to work, and these credentials will only allow certain operations. 



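Added example (not part of the thread and not Pulsar project code): since the boundary described in the comment above is the set of operations the function's credentials are authorized for, an operator can audit whether a function's role holds any grant outside its own tenant. The role names, namespaces and grants below are constructed sample data; on a live cluster the per-namespace map would come from `PulsarAdmin.namespaces().getPermissions(namespace)`.

```java
import java.util.*;

public class FunctionRoleAudit {

    /** Namespace names start with the tenant: "tenant/namespace". */
    static String tenantOf(String namespace) {
        int slash = namespace.indexOf('/');
        if (slash <= 0 || slash == namespace.length() - 1) {
            throw new IllegalArgumentException("not tenant/namespace: " + namespace);
        }
        return namespace.substring(0, slash);
    }

    /**
     * Returns namespace -> actions for every grant that `role` holds
     * in a namespace that does not belong to `homeTenant`.
     * grantsByNamespace maps namespace -> (role -> granted actions).
     */
    static Map<String, Set<String>> crossTenantGrants(
            String role, String homeTenant,
            Map<String, Map<String, Set<String>>> grantsByNamespace) {
        Map<String, Set<String>> findings = new TreeMap<>();
        for (Map.Entry<String, Map<String, Set<String>>> e : grantsByNamespace.entrySet()) {
            Set<String> actions = e.getValue().get(role);
            boolean foreign = !tenantOf(e.getKey()).equals(homeTenant);
            if (foreign && actions != null && !actions.isEmpty()) {
                findings.put(e.getKey(), new TreeSet<>(actions));
            }
        }
        return findings;
    }

    public static void main(String[] args) {
        // Constructed sample grants (hypothetical tenants and roles).
        Map<String, Map<String, Set<String>>> grants = new HashMap<>();
        grants.put("tenant-a/orders",
                Map.of("fn-orders", Set.of("produce", "consume")));
        grants.put("tenant-b/billing",
                Map.of("fn-orders", Set.of("consume"),
                       "fn-billing", Set.of("produce", "consume")));
        grants.put("tenant-b/audit",
                Map.of("fn-billing", Set.of("produce")));

        // The function runs in tenant-a with role fn-orders; any finding
        // here is a grant that reaches into another tenant.
        Map<String, Set<String>> findings =
                crossTenantGrants("fn-orders", "tenant-a", grants);
        findings.forEach((ns, actions) ->
                System.out.println("cross-tenant grant: " + ns + " " + actions));
    }
}
```

Roles configured as superusers or as tenant admins are not visible in namespace grants and need a separate check.
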


[GitHub] [pulsar] sijie commented on issue #10505: [Functions] Context.getPulsarAdmin() may allow access to data from other tenants

Posted by GitBox <gi...@apache.org>.
sijie commented on issue #10505:
URL: https://github.com/apache/pulsar/issues/10505#issuecomment-852341689


   Closed this ticket as there are no security concerns.

