[SENTRY-191] Sentry Policy Service should not require passing the RPC requestor's user/group information - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Blocker
Resolution: Fixed
Affects Version/s: 1.4.0
Fix Version/s: 1.4.0
Component/s: None
Labels:
None

Description

Sentry Policy Service should not require passing the RPC requestor's user/group information. Currently this is done to "authorize" whether a user can execute a GRANT/REVOKE statement since only pre-selected set of admin users run grant/revoke statements. This does not seem very secure and also couples "authorization" with the storing of policy metadata.

I propose that instead of this model, a default "admin" role be introduced. On Sentry Service startup the the role be populated with set of valid admin users as specified in the sentry-service.xml configuration file.

When GRANT/REVOKE statements are run they should be treated the same as any other SQL statement and authorized at the binding layer (if the give user isn't part of the "admin" role then fail the request).

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SENTRY-191.1.patch
21/May/14 06:33
202 kB
Prasad Suresh Mujumdar
SENTRY-191.2.patch
23/May/14 18:06
212 kB
Prasad Suresh Mujumdar

Issue Links

incorporates

SENTRY-211 Do the user: group lookup in the Sentry db policy server

Resolved

is duplicated by

SENTRY-211 Do the user: group lookup in the Sentry db policy server

Resolved

links to

Review #21760

Activity

People

Assignee:: Prasad Suresh Mujumdar

Reporter:: Lenni Kuff

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 05/May/14 16:05

Updated:: 29/May/14 06:41

Resolved:: 29/May/14 06:41