adutra opened a new issue, #541: URL: https://github.com/apache/polaris/issues/541
### Is this a possible security vulnerability?

- [X] This is NOT a possible security vulnerability

### Describe the bug

So this _is_ a bit of a security vulnerability, but it's already public, and we don't have any official release yet, so 🤷‍♂️

It is possible for a malicious actor to cause Polaris to OOM by flooding the server with requests having random realm IDs.

This is possible because a) the default `RealmContextResolver` does not validate that the realm exists and b) many components maintain an unbounded cache of objects keyed by realm ID, e.g.:

* `RealmScopeContext`
* `RealmEntityManagerFactory`
* `RealmTokenBucketRateLimiter`
* `LocalPolarisMetaStoreManagerFactory`

I suggest the following mitigation measures:

* The default `RealmContextResolver` MUST validate the realm IDs – which means that we need to persist realms in the database or somewhere else (maybe in configuration?)
* Any components caching by realm ID should use a bounded cache with proper eviction policies.

### To Reproduce

_No response_

### Actual Behavior

_No response_

### Expected Behavior

_No response_

### Additional context

_No response_

### System information

_No response_
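The two mitigations suggested in the issue, combined in one sketch. This is an added example, not code from Polaris or from the issue author: `BoundedRealmCache` and its members are hypothetical names, and it assumes the set of valid realms is loaded from configuration.

```java
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import java.util.function.Function;

/** Hypothetical sketch: allow-listed realm IDs plus a size-bounded LRU cache of per-realm state. */
public class BoundedRealmCache<V> {
  private final Set<String> knownRealms; // assumption: valid realms come from configuration
  private final Map<String, V> cache;
  private final Function<String, V> factory;

  public BoundedRealmCache(Set<String> knownRealms, int maxEntries, Function<String, V> factory) {
    this.knownRealms = Set.copyOf(knownRealms);
    this.factory = factory;
    // Access-ordered LinkedHashMap drops the least recently used entry once the bound is exceeded.
    this.cache = Collections.synchronizedMap(new LinkedHashMap<String, V>(16, 0.75f, true) {
      @Override
      protected boolean removeEldestEntry(Map.Entry<String, V> eldest) {
        return size() > maxEntries;
      }
    });
  }

  /** Rejects unknown realm IDs before any per-realm object is created or cached. */
  public V get(String realmId) {
    if (realmId == null || !knownRealms.contains(realmId)) {
      throw new IllegalArgumentException("unknown realm");
    }
    return cache.computeIfAbsent(realmId, factory);
  }

  public int size() {
    return cache.size();
  }

  public static void main(String[] args) {
    // Constructed sample input: three configured realms, a bound of two, then a flood of random IDs.
    BoundedRealmCache<Object> c =
        new BoundedRealmCache<>(Set.of("realm-a", "realm-b", "realm-c"), 2, id -> new Object());
    c.get("realm-a");
    c.get("realm-b");
    c.get("realm-c"); // evicts realm-a, the least recently used entry
    int rejected = 0;
    for (int i = 0; i < 100_000; i++) {
      try {
        c.get("random-" + i);
      } catch (IllegalArgumentException e) {
        rejected++;
      }
    }
    System.out.println("cached=" + c.size() + " rejected=" + rejected);
  }
}
```

Validation keeps attacker-chosen IDs out of the cache entirely; the size bound still caps memory when the set of legitimate realms is itself large.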
