hbase-dev mailing list archives

From "Srikanth Srungarapu (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HBASE-13294) Fix the critical ancient loopholes in security testing infrastructure.
Date Fri, 20 Mar 2015 00:54:38 GMT
Srikanth Srungarapu created HBASE-13294:
-------------------------------------------

             Summary: Fix the critical ancient loopholes in security testing infrastructure.
                 Key: HBASE-13294
                 URL: https://issues.apache.org/jira/browse/HBASE-13294
             Project: HBase
          Issue Type: Bug
            Reporter: Srikanth Srungarapu
            Assignee: Srikanth Srungarapu


Unfortunately, the "verifyDenied" method doesn't fail when the action parameter returns null.
The relevant code snippet:
{code}
try {
  Object obj = user.runAs(action);
  if (requireException) {
    fail("Expected exception was not thrown for user '" + user.getShortName() + "'");
  }
  if (obj != null && obj instanceof List<?>) {
    List<?> results = (List<?>) obj;
    if (results != null && !results.isEmpty()) {
      fail("Unexpected results for user '" + user.getShortName() + "'");
    }
  }
}
{code}
As you can see, when obj is null, it returns silently. 

Fixing this issue has uncovered another major bug. While constructing actions, we're using
TEST_UTIL.getConnection(), which replaces the "doAs" user with the user who initiated the
connection. I really am grateful to [~mbertozzi] without whom debugging this would have been
a nightmare. 

Now, fixing these two issues has uncovered more issues in our tests :). The main one is we're
allowing the table owner to truncate the table in code. But, in the test, we're not allowing him.
We should either remove the code that allows the owner or document that the table owner can truncate
the table.

The other minor issues include granting permissions to a namespace, but checking whether the user
was able to access tables inside another namespace.

That's it, folks! 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
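
The fail-open check described in the report, next to a fail-closed variant, as an added example that is not part of the original message or of HBase's test code. `DeniedException`, the `Callable` actions and both helper names are hypothetical stand-ins, and the catch clause is an assumption because the quoted snippet does not show one.

```java
import java.util.List;
import java.util.concurrent.Callable;

public class DenyCheckDemo {
    // Hypothetical stand-in for the access-denied exception a secured service throws.
    static class DeniedException extends Exception {
        DeniedException(String msg) { super(msg); }
    }

    // Same shape as the snippet in the report: null and non-List results pass silently.
    static void lenientVerifyDenied(String user, Callable<Object> action) throws Exception {
        try {
            Object obj = action.call();
            if (obj instanceof List<?> && !((List<?>) obj).isEmpty()) {
                throw new AssertionError("Unexpected results for user '" + user + "'");
            }
        } catch (DeniedException expected) {
            // Denied as expected (assumed catch clause, not shown in the report).
        }
    }

    // Fail-closed variant: any normal return, null included, fails the test.
    static void strictVerifyDenied(String user, Callable<Object> action) throws Exception {
        try {
            Object obj = action.call();
            throw new AssertionError("Action succeeded for user '" + user + "', returned " + obj);
        } catch (DeniedException expected) {
            // Denied as expected.
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed action: the call is wrongly allowed and returns null.
        Callable<Object> allowedReturningNull = () -> null;
        // Constructed action: the call is correctly rejected.
        Callable<Object> denied = () -> { throw new DeniedException("no permission"); };

        lenientVerifyDenied("bob", allowedReturningNull); // passes: this is the loophole
        System.out.println("lenient check passed for an action that was allowed");

        strictVerifyDenied("bob", denied); // passes: access really was denied
        try {
            strictVerifyDenied("bob", allowedReturningNull);
            System.out.println("BUG: strict check passed");
        } catch (AssertionError e) {
            System.out.println("strict check failed as it should: " + e.getMessage());
        }
    }
}
```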
