[HBASE-6851] Race condition in TableAuthManager.updateGlobalCache() - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Critical
Resolution: Fixed
Affects Version/s: 0.94.1, 0.95.2
Fix Version/s: 0.94.2
Component/s: security
Labels:
None

Description

When new global permissions are assigned, there is a race condition, during which further authorization checks relying on global permissions may fail.

In TableAuthManager.updateGlobalCache(), we have:

    USER_CACHE.clear();
    GROUP_CACHE.clear();
    try {
      initGlobal(conf);
    } catch (IOException e) {
      // Never happens
      LOG.error("Error occured while updating the user cache", e);
    }
    for (Map.Entry<String,TablePermission> entry : userPerms.entries()) {
      if (AccessControlLists.isGroupPrincipal(entry.getKey())) {
        GROUP_CACHE.put(AccessControlLists.getGroupName(entry.getKey()),
                        new Permission(entry.getValue().getActions()));
      } else {
        USER_CACHE.put(entry.getKey(), new Permission(entry.getValue().getActions()));
      }
    }

If authorization checks come in following the .clear() but before repopulating, they will fail.

We should have some synchronization here to serialize multiple updates and use a COW type rebuild and reassign of the new maps.

This particular issue crept in with the fix in ~~HBASE-6157~~, so I'm flagging for 0.94 and 0.96.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HBASE-6851_3.patch
22/Sep/12 21:18
18 kB
Gary Helmling
HBASE-6851_2.patch
22/Sep/12 00:22
18 kB
Gary Helmling
HBASE-6851.patch
21/Sep/12 22:05
18 kB
Gary Helmling

Activity

People

Assignee:: Gary Helmling

Reporter:: Gary Helmling

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 20/Sep/12 23:03

Updated:: 07/Apr/13 05:02

Resolved:: 22/Sep/12 21:18