Uploaded image for project: 'Qpid'
  1. Qpid
  2. QPID-4631

C++ Broker interbroker links should be protected by ACL

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 0.20
    • 0.23
    • C++ Broker
    • None

    Description

      This issue addresses CVE-2012-4446

      Federated interbroker links may be opened by client programs and not just by brokers. By default the creation of these links is not protected any formal authorization.

      Users concerned about this issue may immediately lock their systems down by creating ACL rules that allow links to be created only by authorized users. For instance the following ACL rules on each broker would provide the lockdown necessary:

      group proxies <id1> <id2> ...
      acl allow proxies create link
      acl deny-log all create link

      A better solution is for the ACL module to deny the creation of links unless ACL rules are specified to specifically allow them.
      In pseudo code the solution is in two parts. Part one observes CREATE LINK rules in the acl file. Part two authorizes link creation only if ACL is loaded, CREATE LINK ACL rules are specified, and the specific user is authorized to create the link in question:

      function readAclFile()
      ...
      if (CREATE LINK rules are specified)
      set acl->createLinkFlag
      endif
      ...
      end function

      function brokerCreateLink()
      if (aclLoaded)
      if (acl->createLinkFlag)
      if (acl->authorise(user, create, link, properties))
      <create link allowed>
      else
      <create link denied - not authorized>
      endif
      else
      <create link denied - acl did not specify a create link rule>
      endif
      else
      <create link denied - acl module not loaded>
      endif
      end function

      This Jira will track the implementation of this restriction.

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            chug Charles E. Rolke
            chug Charles E. Rolke
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment