Uploaded image for project: 'Sentry (Retired)'
  1. Sentry (Retired)
  2. SENTRY-191

Sentry Policy Service should not require passing the RPC requestor's user/group information

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Blocker
    • Resolution: Fixed
    • 1.4.0
    • 1.4.0
    • None
    • None

    Description

      Sentry Policy Service should not require passing the RPC requestor's user/group information. Currently this is done to "authorize" whether a user can execute a GRANT/REVOKE statement since only pre-selected set of admin users run grant/revoke statements. This does not seem very secure and also couples "authorization" with the storing of policy metadata.

      I propose that instead of this model, a default "admin" role be introduced. On Sentry Service startup the the role be populated with set of valid admin users as specified in the sentry-service.xml configuration file.

      When GRANT/REVOKE statements are run they should be treated the same as any other SQL statement and authorized at the binding layer (if the give user isn't part of the "admin" role then fail the request).

      Attachments

        1. SENTRY-191.2.patch
          212 kB
          Prasad Suresh Mujumdar
        2. SENTRY-191.1.patch
          202 kB
          Prasad Suresh Mujumdar

        Issue Links

          Activity

            People

              prasadm Prasad Suresh Mujumdar
              lskuff Lenni Kuff
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: