zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bhupendra Kumar Jain (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ZOOKEEPER-2591) The deletion of Container znode doesn't check ACL delete permission
Date Tue, 04 Jul 2017 07:21:00 GMT

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-2591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16073224#comment-16073224
] 

Bhupendra Kumar Jain commented on ZOOKEEPER-2591:
-------------------------------------------------

About solution to have a check node.stat.getCversion() > 0 , I have one doubt . Lets consider
a scenario as below 

1. create container node 
2. create child1
3. delete child1
   cVersion = 1 , child count = 0

4. create child2
5. delete child2
6. cVersion = 2, child count = 0
7. Timer triggers and deletes container node 

What if malicious user deletes the container node after step 3. I agree that after step 3
even if system timer runs it will delete the container node too ... But then why allow malicious
user to delete at all ... 

In my opinion we can have a internal Boolean in Request object which marked as true by ContainerManager
and false for all other cases. We can skip the ACL check only if Boolean if true. Does it
make sense ?

> The deletion of Container znode doesn't check ACL delete permission
> -------------------------------------------------------------------
>
>                 Key: ZOOKEEPER-2591
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2591
>             Project: ZooKeeper
>          Issue Type: Bug
>          Components: security, server
>            Reporter: Edward Ribeiro
>            Assignee: Edward Ribeiro
>
> Container nodes check the ACL before creation, but the deletion doesn't check  the ACL
rights. The code below succeeds even tough we removed ACL access permissions for "/a".
> {code}
>         zk.create("/a", null, Ids.OPEN_ACL_UNSAFE, CreateMode.CONTAINER);
>         ArrayList<ACL> list = new ArrayList<>();
>         list.add(new ACL(0, Ids.ANYONE_ID_UNSAFE));
>         zk.setACL("/", list, -1);
>         zk.delete("/a", -1);
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message