[ https://issues.apache.org/jira/browse/QPID-5299?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Gordon Sim updated QPID-5299:
-----------------------------

    Fix Version/s: 0.25
          Summary: [AMQP 1.0] ACL rules should be checked before checking node's existence and returning amqp:not-found error  (was: ACL rules should be checked before checking node's existence and returning amqp:not-found error)

> [AMQP 1.0] ACL rules should be checked before checking node's existence and returning amqp:not-found error
> ----------------------------------------------------------------------------------------------------------
>
>                 Key: QPID-5299
>                 URL: https://issues.apache.org/jira/browse/QPID-5299
>             Project: Qpid
>          Issue Type: Bug
>          Components: C++ Broker
>    Affects Versions: 0.25
>         Environment: Apache Qpid C++ broker, CentOS
>            Reporter: Jakub Scholz
>            Assignee: Gordon Sim
>             Fix For: 0.25
>
>
> When a client is connecting with AMQP 1.0 to the C++ broker and the node from 
> which it wants to consume messages doesn't exist, the broker throws an 
> amqp:not-found error even when ACL rules deny the user access to or publishing 
> from the given node (queue).
> This problem might to some extent exist also with AMQP 0.10. But the Qpid 
> AMQP 0.10 clients always query the existence of a queue/exchange before 
> connecting to it, and the QueueQuery / QueueDeclare calls are ACL protected, 
> so the Qpid-based AMQP 0.10 client always receives the ACL error before the 
> not-found error. But I guess if you skip the QueueQuery / QueueDeclare and go 
> directly to MessageSubscribe, the same problem as with AMQP 1.0 might exist in 
> AMQP 0.10 as well.
> For security reasons, I would assume that the ACL check for access or 
> publish rules should be done before revealing that the queue doesn't exist. 
> The broker should not reveal any details about its configuration if the ACL 
> rights don't allow it.



--
This message was sent by Atlassian JIRA
(v6.1#6144)
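As an added illustration (not Qpid broker code and not part of the issue above), the following C++ model contrasts the two attach-time check orderings the report describes. The ACL table, queue names, and the use of amqp:unauthorized-access as the denial condition are constructed assumptions for the example.

```cpp
// Added example (not Qpid code): models the attach-time check ordering the
// report describes. ACL rules, queue names and the amqp:unauthorized-access
// condition used for denial are constructed/assumed for illustration.
#include <map>
#include <set>
#include <string>

// ACL: user -> queues that user may consume from ("*" = any). Constructed data.
static const std::map<std::string, std::set<std::string>> kAcl = {
    {"alice", {"orders"}},   // alice may consume from "orders" only
    {"bob",   {}},           // bob is denied everywhere
    {"carol", {"*"}},        // carol may consume from any queue
};
// Queues that actually exist on the broker (constructed data).
static const std::set<std::string> kQueues = {"orders", "audit"};

static bool aclAllows(const std::string& user, const std::string& node) {
    auto it = kAcl.find(user);
    if (it == kAcl.end()) return false;
    return it->second.count("*") > 0 || it->second.count(node) > 0;
}
static bool nodeExists(const std::string& node) { return kQueues.count(node) > 0; }

// Reported behaviour: existence is checked first, so a denied user can still
// learn whether a queue exists from which error condition comes back.
std::string attachExistenceFirst(const std::string& user, const std::string& node) {
    if (!nodeExists(node)) return "amqp:not-found";
    if (!aclAllows(user, node)) return "amqp:unauthorized-access";
    return "attached";
}

// Requested behaviour: ACL first. A denied user gets the same answer whether
// or not the node exists, so the response reveals nothing about configuration.
std::string attachAclFirst(const std::string& user, const std::string& node) {
    if (!aclAllows(user, node)) return "amqp:unauthorized-access";
    if (!nodeExists(node)) return "amqp:not-found";
    return "attached";
}

// True when a denied user's outcome differs between an existing and a missing
// node, i.e. when the check ordering leaks existence information.
bool leaksExistence(std::string (*attach)(const std::string&, const std::string&),
                    const std::string& user) {
    return attach(user, "audit") != attach(user, "no-such-queue");
}
```

An authorized user (carol) still receives amqp:not-found for a missing queue under either ordering; only the denied user's view changes.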
