[ https://issues.apache.org/jira/browse/ARTEMIS-4963?focusedWorklogId=928349&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-928349 ]
ASF GitHub Bot logged work on ARTEMIS-4963:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 01/Aug/24 19:10
Start Date: 01/Aug/24 19:10
Worklog Time Spent: 10m
Work Description: tabish121 commented on PR #5122:
URL: https://github.com/apache/activemq-artemis/pull/5122#issuecomment-2263780210
I've run the change through full CI tests a few times already.
Issue Time Tracking
-------------------
Worklog Id: (was: 928349)
Time Spent: 20m (was: 10m)
> Reject openwire senders that lack SEND permissions on attach
> ------------------------------------------------------------
>
> Key: ARTEMIS-4963
> URL: https://issues.apache.org/jira/browse/ARTEMIS-4963
> Project: ActiveMQ Artemis
> Issue Type: Improvement
> Components: OpenWire
> Affects Versions: 2.36.0
> Reporter: Timothy A. Bish
> Assignee: Timothy A. Bish
> Priority: Minor
> Time Spent: 20m
> Remaining Estimate: 0h
>
> Currently the Openwire producers are allowed to attach even when the named
> destination(s) they request don't offer send permissions to the logged-in user
> (the sends themselves are validated). The sends from these named or from
> anonymous producers are checked for permission, but only after such things as
> conversion of the message to Core have happened, which leads to unnecessary GC
> overhead and wasted CPU cycles if the send is going to ultimately be
> rejected.
> We should reject Openwire senders on attach (which is what the ActiveMQ
> 'Classic' broker does) and we should check send permissions prior to
> unnecessarily converting messages to Core to reduce overhead from anonymous
> senders that are sending into destinations they cannot write to. This change
> doesn't introduce any new security but simply would respond more quickly and
> efficiently than the current code would.