Uploaded image for project: 'Sentry'
  1. Sentry
  2. SENTRY-191

Sentry Policy Service should not require passing the RPC requestor's user/group information

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 1.4.0
    • Fix Version/s: 1.4.0
    • Component/s: None
    • Labels:
      None

      Description

      Sentry Policy Service should not require passing the RPC requestor's user/group information. Currently this is done to "authorize" whether a user can execute a GRANT/REVOKE statement since only pre-selected set of admin users run grant/revoke statements. This does not seem very secure and also couples "authorization" with the storing of policy metadata.

      I propose that instead of this model, a default "admin" role be introduced. On Sentry Service startup the the role be populated with set of valid admin users as specified in the sentry-service.xml configuration file.

      When GRANT/REVOKE statements are run they should be treated the same as any other SQL statement and authorized at the binding layer (if the give user isn't part of the "admin" role then fail the request).

        Attachments

        1. SENTRY-191.1.patch
          202 kB
          Prasad Suresh Mujumdar
        2. SENTRY-191.2.patch
          212 kB
          Prasad Suresh Mujumdar

          Issue Links

            Activity

              People

              • Assignee:
                prasadm Prasad Suresh Mujumdar
                Reporter:
                lskuff Lenni Kuff
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: