[jira] [Updated] (KAFKA-3396) Unauthorized topics are returned to the user
[ https://issues.apache.org/jira/browse/KAFKA-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ismael Juma updated KAFKA-3396: --- Priority: Critical (was: Major) > Unauthorized topics are returned to the user > > > Key: KAFKA-3396 > URL: https://issues.apache.org/jira/browse/KAFKA-3396 > Project: Kafka > Issue Type: Bug > Components: security >Affects Versions: 0.9.0.0, 0.10.0.0 >Reporter: Grant Henke >Assignee: Edoardo Comar >Priority: Critical > Fix For: 0.10.1.0 > > > Kafka's clients and protocol exposes unauthorized topics to the end user. > This is often considered a security hole. To some, the topic name is > considered sensitive information. Those that do not consider the name > sensitive, still consider it more information that allows a user to try and > circumvent security. Instead, if a user does not have access to the topic, > the servers should act as if the topic does not exist. > To solve this some of the changes could include: > - The broker should not return a TOPIC_AUTHORIZATION(29) error for > requests (metadata, produce, fetch, etc) that include a topic that the user > does not have DESCRIBE access to. > - A user should not receive a TopicAuthorizationException when they do > not have DESCRIBE access to a topic or the cluster. > - The client should not maintain and expose a list of unauthorized > topics in org.apache.kafka.common.Cluster. > Other changes may be required that are not listed here. Further analysis is > needed. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KAFKA-3396) Unauthorized topics are returned to the user
[ https://issues.apache.org/jira/browse/KAFKA-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ismael Juma updated KAFKA-3396: --- Fix Version/s: (was: 0.10.0.1) 0.10.1.0 > Unauthorized topics are returned to the user > > > Key: KAFKA-3396 > URL: https://issues.apache.org/jira/browse/KAFKA-3396 > Project: Kafka > Issue Type: Bug > Components: security >Affects Versions: 0.9.0.0, 0.10.0.0 >Reporter: Grant Henke >Assignee: Edoardo Comar > Fix For: 0.10.1.0 > > > Kafka's clients and protocol exposes unauthorized topics to the end user. > This is often considered a security hole. To some, the topic name is > considered sensitive information. Those that do not consider the name > sensitive, still consider it more information that allows a user to try and > circumvent security. Instead, if a user does not have access to the topic, > the servers should act as if the topic does not exist. > To solve this some of the changes could include: > - The broker should not return a TOPIC_AUTHORIZATION(29) error for > requests (metadata, produce, fetch, etc) that include a topic that the user > does not have DESCRIBE access to. > - A user should not receive a TopicAuthorizationException when they do > not have DESCRIBE access to a topic or the cluster. > - The client should not maintain and expose a list of unauthorized > topics in org.apache.kafka.common.Cluster. > Other changes may be required that are not listed here. Further analysis is > needed. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KAFKA-3396) Unauthorized topics are returned to the user
[ https://issues.apache.org/jira/browse/KAFKA-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ismael Juma updated KAFKA-3396: --- Status: Patch Available (was: Open) > Unauthorized topics are returned to the user > > > Key: KAFKA-3396 > URL: https://issues.apache.org/jira/browse/KAFKA-3396 > Project: Kafka > Issue Type: Bug > Components: security >Affects Versions: 0.10.0.0, 0.9.0.0 >Reporter: Grant Henke >Assignee: Edoardo Comar > Fix For: 0.10.0.1 > > > Kafka's clients and protocol exposes unauthorized topics to the end user. > This is often considered a security hole. To some, the topic name is > considered sensitive information. Those that do not consider the name > sensitive, still consider it more information that allows a user to try and > circumvent security. Instead, if a user does not have access to the topic, > the servers should act as if the topic does not exist. > To solve this some of the changes could include: > - The broker should not return a TOPIC_AUTHORIZATION(29) error for > requests (metadata, produce, fetch, etc) that include a topic that the user > does not have DESCRIBE access to. > - A user should not receive a TopicAuthorizationException when they do > not have DESCRIBE access to a topic or the cluster. > - The client should not maintain and expose a list of unauthorized > topics in org.apache.kafka.common.Cluster. > Other changes may be required that are not listed here. Further analysis is > needed. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KAFKA-3396) Unauthorized topics are returned to the user
[ https://issues.apache.org/jira/browse/KAFKA-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ismael Juma updated KAFKA-3396: --- Affects Version/s: 0.9.0.0 0.10.0.0 > Unauthorized topics are returned to the user > > > Key: KAFKA-3396 > URL: https://issues.apache.org/jira/browse/KAFKA-3396 > Project: Kafka > Issue Type: Bug > Components: security >Affects Versions: 0.9.0.0, 0.10.0.0 >Reporter: Grant Henke >Assignee: Edoardo Comar > Fix For: 0.10.0.1 > > > Kafka's clients and protocol exposes unauthorized topics to the end user. > This is often considered a security hole. To some, the topic name is > considered sensitive information. Those that do not consider the name > sensitive, still consider it more information that allows a user to try and > circumvent security. Instead, if a user does not have access to the topic, > the servers should act as if the topic does not exist. > To solve this some of the changes could include: > - The broker should not return a TOPIC_AUTHORIZATION(29) error for > requests (metadata, produce, fetch, etc) that include a topic that the user > does not have DESCRIBE access to. > - A user should not receive a TopicAuthorizationException when they do > not have DESCRIBE access to a topic or the cluster. > - The client should not maintain and expose a list of unauthorized > topics in org.apache.kafka.common.Cluster. > Other changes may be required that are not listed here. Further analysis is > needed. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KAFKA-3396) Unauthorized topics are returned to the user
[ https://issues.apache.org/jira/browse/KAFKA-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ismael Juma updated KAFKA-3396: --- Component/s: security > Unauthorized topics are returned to the user > > > Key: KAFKA-3396 > URL: https://issues.apache.org/jira/browse/KAFKA-3396 > Project: Kafka > Issue Type: Bug > Components: security >Reporter: Grant Henke >Assignee: Edoardo Comar > Fix For: 0.10.0.1 > > > Kafka's clients and protocol exposes unauthorized topics to the end user. > This is often considered a security hole. To some, the topic name is > considered sensitive information. Those that do not consider the name > sensitive, still consider it more information that allows a user to try and > circumvent security. Instead, if a user does not have access to the topic, > the servers should act as if the topic does not exist. > To solve this some of the changes could include: > - The broker should not return a TOPIC_AUTHORIZATION(29) error for > requests (metadata, produce, fetch, etc) that include a topic that the user > does not have DESCRIBE access to. > - A user should not receive a TopicAuthorizationException when they do > not have DESCRIBE access to a topic or the cluster. > - The client should not maintain and expose a list of unauthorized > topics in org.apache.kafka.common.Cluster. > Other changes may be required that are not listed here. Further analysis is > needed. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KAFKA-3396) Unauthorized topics are returned to the user
[ https://issues.apache.org/jira/browse/KAFKA-3396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Ismael Juma updated KAFKA-3396: --- Fix Version/s: 0.10.0.1 > Unauthorized topics are returned to the user > > > Key: KAFKA-3396 > URL: https://issues.apache.org/jira/browse/KAFKA-3396 > Project: Kafka > Issue Type: Bug > Components: security >Reporter: Grant Henke >Assignee: Edoardo Comar > Fix For: 0.10.0.1 > > > Kafka's clients and protocol exposes unauthorized topics to the end user. > This is often considered a security hole. To some, the topic name is > considered sensitive information. Those that do not consider the name > sensitive, still consider it more information that allows a user to try and > circumvent security. Instead, if a user does not have access to the topic, > the servers should act as if the topic does not exist. > To solve this some of the changes could include: > - The broker should not return a TOPIC_AUTHORIZATION(29) error for > requests (metadata, produce, fetch, etc) that include a topic that the user > does not have DESCRIBE access to. > - A user should not receive a TopicAuthorizationException when they do > not have DESCRIBE access to a topic or the cluster. > - The client should not maintain and expose a list of unauthorized > topics in org.apache.kafka.common.Cluster. > Other changes may be required that are not listed here. Further analysis is > needed. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
