Uploaded image for project: 'Accumulo'
  1. Accumulo
  2. ACCUMULO-3224

Shell should use nanos for auth timeout

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 1.5.3, 1.6.2, 1.7.0
    • shell
    • None

    Description

      I was looking at the code done for ACCUMULO-3221 and noticed that we're using the system clock instead of the JDK's internal relative time, System.nanoTime(). This is a problem, because any auth timeout that depends on the system clock can be easily bypassed by changing the system time.

      We can also do the time conversion more reliably with TimeUnit to avoid the potential arithmetic bug identified in ACCUMULO-3221.

      Attachments

        Issue Links

          breaks

          Bug - A problem which impairs or prevents the functions of the product. ACCUMULO-3229 Shell displays authTimeout poorly

          • Major - Major loss of function.
          • Resolved
          supercedes

          Sub-task - The sub-task of the issue ACCUMULO-3221 Unintential integer overflow in Shell authorization timeout

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              ctubbsii Christopher Tubbs
              ctubbsii Christopher Tubbs
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 0.5h
                  0.5h