[RANGER-3125] RangerBasePlugin#dropRole() reveals the non-existence of a role to non-Ranger administrators - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: plugins, Ranger
Labels:
None

Description

We found that when a non-Ranger administrator is trying to remove a role that does not exist in Ranger, the error message returned from RangerBasePlugin#dropRole() at https://github.com/apache/ranger/blob/b8f76a8be532e3d41cca5acfb7cfbe6c35e469f1/agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java#L496-L506 would indicate that the name of the role does not exist, which reveals the non-existence of the role.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Fang-Yu Rao

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 16/Dec/20 23:53

Updated:: 16/Dec/20 23:53