[
https://issues.apache.org/jira/browse/HBASE-13294?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14379134#comment-14379134
]
Andrew Purtell edited comment on HBASE-13294 at 3/25/15 2:06 AM:
-----------------------------------------------------------------
I noticed no branch-1.0 patch on this issue and when working one up I see that
TestAccessController is using methods in SecureTestUtil that don't exist on
that branch (first param is Connection, not Configuration, so we can pass
through an existing connection) but those are what we want. I can add the
SecureTestUtil methods but they in turn depend on AccessControlClient methods
not present in branch-1.0. AccessControlClient is a Public/Evolving interface
in hbase-client. _Adding_ new methods to this interface will not present a
binary compatibility problem and it is tagged as Evolving. I assume there will
be no issues with this but I'm making a note here now before proceeding to
commit to all branches 0.98+ tomorrow morning.
[~enis]
was (Author: apurtell):
I noticed no branch-1.0 patch on this issue and when working one up I see that
TestAccessController is using methods in SecureTestUtil that don't exist on
that branch (first param is Configuration, not Connection) but those are what
we want. I can add the SecureTestUtil methods but they in turn depend on
AccessControlClient methods not present in branch-1.0. AccessControlClient is a
Public/Evolving interface in hbase-client. _Adding_ new methods to this
interface will not present a binary compatibility problem and it is tagged as
Evolving. I assume there will be no issues with this but I'm making a note here
now before proceeding to commit to all branches 0.98+ tomorrow morning.
[~enis]
> Fix the critical ancient loopholes in security testing infrastructure.
> ----------------------------------------------------------------------
>
> Key: HBASE-13294
> URL: https://issues.apache.org/jira/browse/HBASE-13294
> Project: HBase
> Issue Type: Bug
> Reporter: Srikanth Srungarapu
> Assignee: Srikanth Srungarapu
> Fix For: 2.0.0, 1.0.1, 1.1.0, 0.98.12
>
> Attachments: HBASE-13294-0.98.patch, HBASE-13294-0.98.patch,
> HBASE-13294-branch-1.patch, HBASE-13294.patch, HBASE-13294_v2.patch,
> HBASE-13294_v3.patch, HBASE-13294_v3.patch, HBASE-13294_v4.patch,
> HBASE-13294_v5.patch, HBASE-13294_v6.patch, HBASE-13294_v6.patch
>
>
> Unfortunately, the "verifyDenied" method doesn't fail when action parameter
> returns null. The relevant code snippet
> {code}
> try {
> Object obj = user.runAs(action);
> if (requireException) {
> fail("Expected exception was not thrown for user '" +
> user.getShortName() + "'");
> }
> if (obj != null && obj instanceof List<?>) {
> List<?> results = (List<?>) obj;
> if (results != null && !results.isEmpty()) {
> fail("Unexpected results for user '" + user.getShortName() + "'");
> }
> }
> }
> {code}
> As you can see, when obj is null, it returns silently.
> Fixing this issue has uncovered another major bug. While constructing
> actions, we're using TEST_UTIL.getConnection(), which replaces the "doAs"
> user with the user who initiated the connection. I really am grateful to
> [~mbertozzi] without whom debugging this would have been a nightmare.
> Now, fixing these two issues have uncovered more issues in our tests :). The
> main one is we're allowing the table owner to truncate table in code. But, in
> test, we're not allowing him. We should either remove the code that allows
> owner or document that the table owner can truncate table.
> The other minor issues include granting permissions to namespace, but
> checking whether user was able to access tables inside other namespace.
> That's it, folks!
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
