[ https://issues.apache.org/jira/browse/SENTRY-2372?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sergio Peña updated SENTRY-2372:
--------------------------------
    Status: Patch Available  (was: Open)

> SentryStore should not implement grantOptionCheck
> -------------------------------------------------
>
>                 Key: SENTRY-2372
>                 URL: https://issues.apache.org/jira/browse/SENTRY-2372
>             Project: Sentry
>          Issue Type: Improvement
>          Components: Sentry, sentrystore
>    Affects Versions: 2.1.0
>            Reporter: Sergio Peña
>            Assignee: Sergio Peña
>            Priority: Major
>         Attachments: SENTRY-2372.1.patch
>
>
> During functional testing it was found that SentryStore implementation
> contains logic that enforces sentry rights and depends on cluster-specific
> context. Specifically grantOptionCheck needs to be able to resolve hadoop
> user's groups and sentry admin groups configured on the cluster.
> There are two problems with this:
> # Some backends use SentryStore in a multi-tenant way and does have the
> context that SentryStore expects when it is used in cluster.
> # Security enforcement logic shouldn't be in SentryStore if it is to be
> trusted. Since the backends Sentry API may be stateless the caller has to
> pass request context to such implementation backend together with the
> explicit SentryStore arguments. If the context (e.g. groups) is passed with
> the request the checks become unenforceable since caller controls variables
> on both sides of the comparison.
> The recommendation is to remove {{grantOptionCheck}} and {{SentryStore}} and
> to implement equivalent logic in {{SentryPolicyStoreProcessor}}.

--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
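
The second problem in the description above, a check that cannot be enforced because the caller supplies the groups it is compared against, shown next to a check that resolves groups on the server. This is an added Java example, not code from Sentry or from the attached patch; every class, method, user and group name is hypothetical and the data is constructed.

```java
import java.util.Map;
import java.util.Set;

// Added illustration; names are hypothetical and do not reflect Sentry's API.
public class GrantOptionCheckDemo {
    // Privileges held WITH GRANT OPTION, keyed by group (constructed sample data).
    static final Map<String, Set<String>> GRANTABLE = Map.of(
        "finance_admins", Set.of("db=finance"));

    // Server-side group mapping, standing in for the cluster's Hadoop group resolution.
    static final Map<String, Set<String>> SERVER_GROUPS = Map.of(
        "alice", Set.of("finance_admins"),
        "mallory", Set.of("interns"));

    static boolean holdsGrantOption(Set<String> groups, String privilege) {
        for (String g : groups) {
            if (GRANTABLE.getOrDefault(g, Set.of()).contains(privilege)) return true;
        }
        return false;
    }

    // Store-level check in a stateless backend: the groups arrive with the
    // request, so the caller supplies both sides of the comparison.
    static boolean storeCheck(Set<String> groupsFromRequest, String privilege) {
        return holdsGrantOption(groupsFromRequest, privilege);
    }

    // Processor-level check: only the authenticated user name comes from the
    // request; groups are resolved from a source the caller cannot influence.
    static boolean processorCheck(String authenticatedUser, String privilege) {
        Set<String> groups = SERVER_GROUPS.getOrDefault(authenticatedUser, Set.of());
        return holdsGrantOption(groups, privilege);
    }

    public static void main(String[] args) {
        String privilege = "db=finance";
        // mallory's request claims a group she is not a member of.
        Set<String> claimed = Set.of("finance_admins");
        System.out.println("store check, caller-supplied groups: "
            + storeCheck(claimed, privilege));
        System.out.println("processor check, mallory: "
            + processorCheck("mallory", privilege));
        System.out.println("processor check, alice: "
            + processorCheck("alice", privilege));
    }
}
```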