[RANGER-3524] Bug in KeyAuthorizationKeyProvider.checkAccess - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Not A Bug
Affects Version/s: 2.2.0
Fix Version/s: None
Component/s: kms
Labels:
None

Description

In KMS KeyAuthorizationKeyProvider.checkAccess, it checks whether the ACL is present first for the requested operation.

But the code instead check whether ACL is present for operation KeyOpType.MANAGEMENT: https://github.com/apache/ranger/blob/ranger-2.2/kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KeyAuthorizationKeyProvider.java#L154

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Huicheng Song

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 23/Nov/21 19:07

Updated:: 13/Jan/23 05:04

Resolved:: 13/Jan/23 05:04