[
https://issues.apache.org/jira/browse/RANGER-5394?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18037630#comment-18037630
]
Dhaval Shah commented on RANGER-5394:
-------------------------------------
Hi,
Committed into apache master :
[https://github.com/apache/ranger/commit/4fb301152ed2ba72596419ebdda90f8a5912e787]
Thanks
> policyEngine should be volatile to prevent policy update visibility race
> ------------------------------------------------------------------------
>
> Key: RANGER-5394
> URL: https://issues.apache.org/jira/browse/RANGER-5394
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Affects Versions: 2.5.0, 2.6.0
> Reporter: Vyom Mani Tiwari
> Assignee: Vyom Mani Tiwari
> Priority: Major
> Time Spent: 50m
> Remaining Estimate: 0h
>
> The issue is a visibility race condition due to the {{policyEngine}} field in
> {{RangerBasePlugin}} not being declared {{{}volatile{}}}. When
> {{policyRefresher}} threads update the {{RangerPolicyEngine}} reference, the
> change might not be immediately visible to other threads, causing them to use
> a stale policy engine reference. This can lead to access control bypassing.
> Declaring the field as {{volatile}} would ensure that changes are always
> visible to all threads.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
