xiaotongwang1 commented on issue #8670:
URL: https://github.com/apache/pulsar/issues/8670#issuecomment-790276682


   @eolivelli @jiazhai @codelipenghui we have modified the source code based on 
2.7.0, and it has been tested and works fine in our system. Can I submit a PR to fix this 
problem by adding a conditional check?
   
   like:
   
   // Pick the ACL once so the create call is not duplicated.
   // CREATOR_ALL_ACL grants all permissions only to the authenticated creator;
   // OPEN_ACL_UNSAFE grants them to anyone (world:anyone:cdrwa), so it is only
   // acceptable while ZooKeeper security is switched off.
   boolean zkSecurityEnabled = "true".equals(System.getProperty("pulsar.zkEnableSecurity", "false"));
   List<ACL> acl = zkSecurityEnabled ? ZooDefs.Ids.CREATOR_ALL_ACL : ZooDefs.Ids.OPEN_ACL_UNSAFE;
   localZk().create(path, content, acl, CreateMode.PERSISTENT);
   
   Why not wrap all ZooKeeper access in a common interface?
   That is a big piece of work, and I see a new plan: 
https://github.com/apache/pulsar/projects/10 . I think it will change in this 
plan.
   
   ===========================
   
   We have also extended the Pulsar broker and the bookie with SASL/SCRAM-SHA-256.
   
   Why?
   1. SASL: BookKeeper and the Pulsar broker support SASL/Kerberos, but that requires introducing 
a new component, a KDC, which makes the architecture more complex, and the popular solution 
(MIT Kerberos) is under US EAR control.
   2. OAuth 2.0: it is better used with TLS to avoid token leakage if the client and 
server are not in a trusted network.
   
   
   For the bookie: no ACL control for different clients is needed, because we only have 
one client (the Pulsar broker), so we store the keys (salt, stored key, server key) 
encrypted in bookkeeper.conf.
   
   For the Pulsar TCP client interface (6650): we need ACL control so that different 
clients can access different topics, and we need to support adding users/passwords dynamically, so 
we store the keys (salt, stored key, server key) encrypted in ZooKeeper (like 
Kafka).
   
   For the Pulsar HTTP admin interface (8080): a single HTTP request cannot complete a 
SASL/SCRAM exchange, so we implemented it with OAuth 2.0 client credentials.
   
   Can I submit a PR for SASL/SCRAM-SHA-256?


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]
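The credential layout the comment describes for SCRAM-SHA-256 (the server keeps only salt, iteration count, StoredKey and ServerKey, never the password) is easiest to see in a complete RFC 5802 / RFC 7677 exchange. The following is an added example in Python, not code from the comment author or from Pulsar or BookKeeper; the user name, nonces and passwords are constructed, and the encrypted-at-rest storage in bookkeeper.conf or ZooKeeper that the comment mentions is out of scope here. Each side is a separate function so the server half can be read as "what the bookie or broker needs to store and check".

```python
import base64
import hashlib
import hmac
import os
import secrets
from typing import Optional, Tuple

HASH = "sha256"  # SCRAM-SHA-256 (RFC 7677) on top of the RFC 5802 framework


def hi(password: bytes, salt: bytes, iterations: int) -> bytes:
    """Hi() from RFC 5802 is exactly PBKDF2 with HMAC as the PRF."""
    return hashlib.pbkdf2_hmac(HASH, password, salt, iterations)


def scram_credentials(password: str, salt: Optional[bytes] = None,
                      iterations: int = 4096) -> dict:
    """What the server persists (the 'salt, stored key, server key' record).
    Neither the password nor SaltedPassword is kept: StoredKey = H(ClientKey),
    so the record alone does not let its holder produce a client proof."""
    salt = salt or os.urandom(16)  # constructed per-user salt
    salted = hi(password.encode("utf-8"), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", HASH).digest()
    server_key = hmac.new(salted, b"Server Key", HASH).digest()
    return {"salt": salt, "iterations": iterations,
            "stored_key": hashlib.sha256(client_key).digest(),
            "server_key": server_key}


def auth_message(user: str, cnonce: str, snonce: str, salt: bytes, iterations: int) -> bytes:
    """AuthMessage (RFC 5802 section 3): client-first-message-bare ','
    server-first-message ',' client-final-message-without-proof.
    Both sides sign this transcript, which binds the proof to these nonces."""
    client_first_bare = f"n={user},r={cnonce}"
    server_first = f"r={cnonce}{snonce},s={base64.b64encode(salt).decode()},i={iterations}"
    client_final_bare = f"c=biws,r={cnonce}{snonce}"  # biws = base64("n,,"): no channel binding
    return ",".join((client_first_bare, server_first, client_final_bare)).encode("utf-8")


def client_proof(password: str, salt: bytes, iterations: int, auth_msg: bytes) -> bytes:
    """Client side: ClientProof = ClientKey XOR HMAC(StoredKey, AuthMessage)."""
    salted = hi(password.encode("utf-8"), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", HASH).digest()
    stored_key = hashlib.sha256(client_key).digest()
    client_sig = hmac.new(stored_key, auth_msg, HASH).digest()
    return bytes(a ^ b for a, b in zip(client_key, client_sig))


def server_verify(creds: dict, auth_msg: bytes, proof: bytes) -> Tuple[bool, Optional[bytes]]:
    """Server side: recompute ClientSignature from StoredKey, undo the XOR to get
    ClientKey, and accept only if H(ClientKey) == StoredKey. On success return
    ServerSignature = HMAC(ServerKey, AuthMessage) for mutual authentication."""
    client_sig = hmac.new(creds["stored_key"], auth_msg, HASH).digest()
    client_key = bytes(a ^ b for a, b in zip(proof, client_sig))
    if not hmac.compare_digest(hashlib.sha256(client_key).digest(), creds["stored_key"]):
        return False, None
    return True, hmac.new(creds["server_key"], auth_msg, HASH).digest()


def client_verify_server(password: str, salt: bytes, iterations: int,
                         auth_msg: bytes, server_sig: bytes) -> bool:
    """Client side: the server proves it holds ServerKey, derived from the password."""
    salted = hi(password.encode("utf-8"), salt, iterations)
    server_key = hmac.new(salted, b"Server Key", HASH).digest()
    expected = hmac.new(server_key, auth_msg, HASH).digest()
    return hmac.compare_digest(expected, server_sig)


def run_exchange(stored_password: str, attempted_password: str, user: str = "broker") -> bool:
    """Full mutual authentication with fresh constructed nonces.
    True only if the server accepts the client proof and the client accepts
    the server signature."""
    creds = scram_credentials(stored_password)
    cnonce, snonce = secrets.token_urlsafe(18), secrets.token_urlsafe(18)
    msg = auth_message(user, cnonce, snonce, creds["salt"], creds["iterations"])
    proof = client_proof(attempted_password, creds["salt"], creds["iterations"], msg)
    ok, server_sig = server_verify(creds, msg, proof)
    return ok and client_verify_server(attempted_password, creds["salt"],
                                       creds["iterations"], msg, server_sig)


if __name__ == "__main__":
    print("correct password:", run_exchange("bookie-secret", "bookie-secret"))
    print("wrong password:  ", run_exchange("bookie-secret", "guess"))
```

Two properties worth checking when reviewing such a scheme: a proof is bound to the nonces in AuthMessage, so a captured proof does not verify under a different server nonce, and the stored record by itself cannot be turned into a client proof. The caveat from RFC 5802 section 9 still applies: an attacker who obtains the stored record and also observes one successful exchange can XOR the captured proof with HMAC(StoredKey, AuthMessage) to recover ClientKey and then impersonate the client, which is why the comment's choice to keep the records encrypted at rest, and to run the exchange over TLS, matters.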

