[
https://issues.apache.org/jira/browse/OAK-928?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13833026#comment-13833026
]
Jukka Zitting commented on OAK-928:
-----------------------------------
Revision 1545820 updates and enables the {{testShadowInvisibleProperty2}} test.
If the added content perfectly matches the read-protected base content, then
the commit() becomes a no-op and is successful even if write access is denied.
This can be a bit surprising and might potentially expose protected information
to a brute-force attacker, but I don't know how easy it would be to avoid
this. We'd need to keep track of all updates, even when they match pre-existing
content, which might be difficult depending on the backends being used.
> Read access is enforced on NEW items
> ------------------------------------
>
> Key: OAK-928
> URL: https://issues.apache.org/jira/browse/OAK-928
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: core
> Reporter: angela
> Assignee: Jukka Zitting
> Fix For: 0.13
>
>
> As explained in OAK-923, we may currently run into the situation where a new
> Tree is being added because it does not exist but the resulting child does
> not exist due to restricted access. The same is true for new properties.
> IMHO this breaks backwards compatibility with jackrabbit core.
> I would therefore suggest to
> - extend MutableTree#exists by checking for the tree being new
> line 390:
> {noformat}
> - return nodeBuilder.exists();
> + return nodeBuilder.isNew() || nodeBuilder.exists();
> {noformat}
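Review bot: The added nodeBuilder.isNew() short-circuit in MutableTree#exists makes exists() return true for every new tree, including one that the read restrictions described in this issue would otherwise hide, and nothing at that line says why the check is being bypassed. A comment there stating that items added in the current session are always visible to that session would make the intent reviewable. The change also only covers exists(): until #hasProperty, #getProperty, #getProperties and #getPropertyCount get the matching treatment, a newly added tree can report that it exists while properties added to it in the same session remain invisible, so the two changes should land together with a test that adds a tree and a property under a read-restricted parent and reads both back.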
> - similar behavior for #hasProperty, #getProperty, #getProperties and
> #getPropertyCount (no patch yet).
> However, I would like to get a broader consensus on this kind of
> modification as this might have side effects in other places.
--
This message was sent by Atlassian JIRA
(v6.1#6144)