qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chuck Rolke (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (QPID-4775) ACL delete action should not ignore object's properties other than name
Date Wed, 01 May 2013 19:06:16 GMT

    [ https://issues.apache.org/jira/browse/QPID-4775?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13646830#comment-13646830
] 

Chuck Rolke commented on QPID-4775:
-----------------------------------

Applying this patch changes one behavior that breaks self tests. Before the patch the delete
tests ran the ACL query first and if it fails then it returns a 403 UNAUTHORIZED_ACCESS error.
After the patch the delete tests check for the existence of the object to be deleted and if
it doesn't exist it return a 404 NOT_FOUND error.
                
> ACL delete action should not ignore object's properties other than name
> -----------------------------------------------------------------------
>
>                 Key: QPID-4775
>                 URL: https://issues.apache.org/jira/browse/QPID-4775
>             Project: Qpid
>          Issue Type: Improvement
>          Components: C++ Broker
>    Affects Versions: 0.18, 0.20
>            Reporter: Pavel Moravec
>            Priority: Minor
>              Labels: patch, security
>         Attachments: bz955674.patch
>
>
> Description of problem:
> ACL rule like:
> acl allow all delete queue autodelete=true
> should allow deletion of autodelete queues _only_. While any queue can be deleted. The
same applies to any object's property other than queue's name (see Broker::deleteQueue method
and how acl->authorise is called).
> The same applies not only to queues but also to exchanges.
> Version-Release number of selected component (if applicable):
> any
> How reproducible:
> 100%
> Steps to Reproduce:
> 1. cat <acl-file>
> # simply allow all except for deleting non-durable queue
> acl allow-log all consume all
> acl allow-log all publish all
> acl allow-log all create all
> acl allow-log all access all
> acl allow-log all bind all
> acl allow-log all unbind all
> acl allow-log all purge all
> acl allow-log all update all
> acl allow-log all delete exchange
> acl allow-log all delete queue durable=true
> acl deny-log all all
> 2. Start broker with auth=yes and the ACL file
> 3. qpid-config -b admin/admin@localhost:5672 add queue TransientQueue
> 4. qpid-config -b admin/admin@localhost:5672 del queue TransientQueue
> Actual results:
> Steps 3 and 4 pass.
> Expected results:
> Deleting queue should fail, as the queue is not durable.
> In fact, even _creating_ the queue that way should raise an exception, as deleting auxiliary
queue named like "4135cd9e-04b8-4cef-bcd0-5404444d7a04:0.0" (where the qpid-config gets response)
should fail.
> Additional info:
> Same scenarios are applicable for all other queue properties and/or exchange properties.
Just queue/exchange name is checked.
> Patch proposed.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message