Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-7702

Prefixed ACLs don't work with single character prefix

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.0.1, 2.1.0
    • 2.2.0, 2.1.1, 2.0.2
    • security
    • None

    Description

      Prefixed ACLs with a single character are not matched correctly against resource names. ALLOW rule with single character prefix doesn't grant access to any resource and DENY rule with single character prefix doesn't deny access to any resource since the prefix is not matched correctly.

      This is not an exploitable security vulnerability since only authenticated users with authorization to create ACLs can create the prefixed ACLs.

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #5994

          Activity

            People

              rsivaram Rajini Sivaram
              rsivaram Rajini Sivaram
              Jun Rao Jun Rao
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: