Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-3396

Unauthorized topics are returned to the user

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 0.9.0.0, 0.10.0.0
    • Fix Version/s: 0.10.1.0
    • Component/s: security
    • Labels:
      None

      Description

      Kafka's clients and protocol exposes unauthorized topics to the end user. This is often considered a security hole. To some, the topic name is considered sensitive information. Those that do not consider the name sensitive, still consider it more information that allows a user to try and circumvent security. Instead, if a user does not have access to the topic, the servers should act as if the topic does not exist.

      To solve this some of the changes could include:

      • The broker should not return a TOPIC_AUTHORIZATION(29) error for requests (metadata, produce, fetch, etc) that include a topic that the user does not have DESCRIBE access to.
      • A user should not receive a TopicAuthorizationException when they do not have DESCRIBE access to a topic or the cluster.
      • The client should not maintain and expose a list of unauthorized topics in org.apache.kafka.common.Cluster.

      Other changes may be required that are not listed here. Further analysis is needed.

        Attachments

          Activity

            People

            • Assignee:
              ecomar Edoardo Comar
              Reporter:
              granthenke Grant Henke
            • Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: