Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-1392

Should not allow to read ACL when not authorized to read node

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.4.2
    • Fix Version/s: 3.6.0, 3.5.5, 3.4.14
    • Component/s: server
    • Labels:
      None

      Description

      Not authorized to read, yet still able to list ACL:

      [zk: localhost:2181(CONNECTED) 0] getAcl /sasltest/n4
      'sasl,'notme@EXAMPLE.COM
      : cdrwa
      [zk: localhost:2181(CONNECTED) 1] get /sasltest/n4
      Exception in thread "main" org.apache.zookeeper.KeeperException$NoAuthException: KeeperErrorCode = NoAuth for /sasltest/n4
      at org.apache.zookeeper.KeeperException.create(KeeperException.java:113)
      at org.apache.zookeeper.KeeperException.create(KeeperException.java:51)
      at org.apache.zookeeper.ZooKeeper.getData(ZooKeeper.java:1131)
      at org.apache.zookeeper.ZooKeeper.getData(ZooKeeper.java:1160)
      at org.apache.zookeeper.ZooKeeperMain.processZKCmd(ZooKeeperMain.java:711)
      at org.apache.zookeeper.ZooKeeperMain.processCmd(ZooKeeperMain.java:593)
      at org.apache.zookeeper.ZooKeeperMain.executeLine(ZooKeeperMain.java:365)
      at org.apache.zookeeper.ZooKeeperMain.run(ZooKeeperMain.java:323)
      at org.apache.zookeeper.ZooKeeperMain.main(ZooKeeperMain.java:282)

        Attachments

        1. ZOOKEEPER-1392.patch
          4 kB
          Bruce Gao

          Activity

            People

            • Assignee:
              lovesf Bruce Gao
              Reporter:
              thw Thomas Weise
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: