Vyom Mani Tiwari created RANGER-5394:
----------------------------------------
Summary: policyEngine should be volatile to prevent policy update
visibility race
Key: RANGER-5394
URL: https://issues.apache.org/jira/browse/RANGER-5394
Project: Ranger
Issue Type: Bug
Components: Ranger
Affects Versions: 2.6.0, 2.5.0
Reporter: Vyom Mani Tiwari
Assignee: Vyom Mani Tiwari
The issue is a visibility race condition due to the {{policyEngine}} field in
{{RangerBasePlugin}} not being declared {{{}volatile{}}}. When
{{policyRefresher}} threads update the {{RangerPolicyEngine}} reference, the
change might not be immediately visible to other threads, causing them to use a
stale policy engine reference. This can lead to access control bypassing.
Declaring the field as {{volatile}} would ensure that changes are always
visible to all threads.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
