You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by "Huicheng Song (Jira)" <ji...@apache.org> on 2021/11/23 19:08:00 UTC

[jira] [Created] (RANGER-3524) Bug in KeyAuthorizationKeyProvider.checkAccess

Huicheng Song created RANGER-3524:
-------------------------------------

             Summary: Bug in KeyAuthorizationKeyProvider.checkAccess
                 Key: RANGER-3524
                 URL: https://issues.apache.org/jira/browse/RANGER-3524
             Project: Ranger
          Issue Type: Bug
          Components: kms
    Affects Versions: 2.2.0
            Reporter: Huicheng Song


In KMS *KeyAuthorizationKeyProvider.checkAccess,* it checks whether the ACL is present first for the requested operation.

 

But the code instead check whether ACL is present for operation {*}KeyOpType{*}{*}.MANAGEMENT{*}: [https://github.com/apache/ranger/blob/ranger-2.2/kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KeyAuthorizationKeyProvider.java#L154]

 

 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)