Gary Helmling created HBASE-6851:
------------------------------------
Summary: Race condition in TableAuthManager.updateGlobalCache()
Key: HBASE-6851
URL: https://issues.apache.org/jira/browse/HBASE-6851
Project: HBase
Issue Type: Bug
Components: security
Affects Versions: 0.94.1, 0.96.0
Reporter: Gary Helmling
Priority: Critical
When new global permissions are assigned, there is a race condition, during
which further authorization checks relying on global permissions may fail.
In TableAuthManager.updateGlobalCache(), we have:
{code:java}
// Both caches are emptied in place. Authorization checks that arrive after
// these clear() calls and before the loop below completes will fail.
USER_CACHE.clear();
GROUP_CACHE.clear();
try {
  initGlobal(conf);
} catch (IOException e) {
  // Never happens
  LOG.error("Error occured while updating the user cache", e);
}
// Repopulate the live caches entry by entry.
for (Map.Entry<String,TablePermission> entry : userPerms.entries()) {
  if (AccessControlLists.isGroupPrincipal(entry.getKey())) {
    GROUP_CACHE.put(AccessControlLists.getGroupName(entry.getKey()),
        new Permission(entry.getValue().getActions()));
  } else {
    USER_CACHE.put(entry.getKey(),
        new Permission(entry.getValue().getActions()));
  }
}
{code}
If authorization checks come in following the .clear() but before repopulating,
they will fail.
We should have some synchronization here to serialize multiple updates and use
a COW type rebuild and reassign of the new maps.
This particular issue crept in with the fix in HBASE-6157, so I'm flagging for
0.94 and 0.96.
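The copy-on-write rebuild and reassign proposed in the report, as an added sketch that is not HBase code and not the fix that was committed. The class `CowGlobalCache`, its string-based permission model and the sample principals are hypothetical; only the user cache is modelled, and the group cache would follow the same pattern.

```java
import java.util.*;
import java.util.concurrent.atomic.AtomicLong;

// Hypothetical stand-in for the global permission cache; not HBase's TableAuthManager.
public class CowGlobalCache {
    // Readers always see one complete, immutable snapshot.
    private volatile Map<String, Set<String>> userCache = Collections.emptyMap();

    // synchronized serializes concurrent updates; the live map is never cleared.
    public synchronized void updateGlobalCache(Map<String, Set<String>> userPerms) {
        Map<String, Set<String>> rebuilt = new HashMap<>();
        for (Map.Entry<String, Set<String>> e : userPerms.entrySet()) {
            rebuilt.put(e.getKey(), Collections.unmodifiableSet(new HashSet<>(e.getValue())));
        }
        userCache = Collections.unmodifiableMap(rebuilt); // single atomic reassign
    }

    public boolean authorize(String user, String action) {
        Set<String> actions = userCache.get(user); // one volatile read per check
        return actions != null && actions.contains(action);
    }

    public static void main(String[] args) throws InterruptedException {
        CowGlobalCache cache = new CowGlobalCache();
        // Constructed sample data: "admin" holds ADMIN in every update.
        Map<String, Set<String>> perms = new HashMap<>();
        perms.put("admin", new HashSet<>(Arrays.asList("ADMIN")));
        cache.updateGlobalCache(perms);

        // Reader thread counts checks that deny a permission that was never revoked.
        AtomicLong falseDenials = new AtomicLong();
        Thread reader = new Thread(() -> {
            while (!Thread.currentThread().isInterrupted()) {
                if (!cache.authorize("admin", "ADMIN")) falseDenials.incrementAndGet();
            }
        });
        reader.start();
        for (int i = 0; i < 100_000; i++) {
            perms.put("user" + (i % 50), new HashSet<>(Arrays.asList("READ")));
            cache.updateGlobalCache(perms); // new grants arrive while checks run
        }
        reader.interrupt();
        reader.join();
        System.out.println("false denials: " + falseDenials.get());
    }
}
```

Replacing the body of `updateGlobalCache` with an in-place `clear()` followed by `put()` calls on a shared concurrent map reintroduces the window described in the report, and the reader thread then observes denials for a permission that was never revoked.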