[
https://issues.apache.org/jira/browse/ZOOKEEPER-2591?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16079260#comment-16079260
]
Bhupendra Kumar Jain commented on ZOOKEEPER-2591:
-------------------------------------------------
As I understand, Request object (org.apache.zookeeper.server.Request) is
created in server side only. Idea was to have boolean to indicate the type of
request like system internal request or client request. Since this boolean
will be set only by server so client can not control this. We can also do this
by some other way like extend Request to create DeleteContainerRequest and
check the request oject instance type in prepRequestProcessor.
{quote}
Another possibility is to somehow disallow OpCode.deleteContainer coming from a
connected client.
{quote}
I agree your idea to disallow deleteContainer request from client completely.
That way there is no need to add ACL check . I think we can check this in
processPacket() method before submitting the request to request Processor.
> The deletion of Container znode doesn't check ACL delete permission
> -------------------------------------------------------------------
>
> Key: ZOOKEEPER-2591
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2591
> Project: ZooKeeper
> Issue Type: Bug
> Components: security, server
> Reporter: Edward Ribeiro
> Assignee: Edward Ribeiro
>
> Container nodes check the ACL before creation, but the deletion doesn't check
> the ACL rights. The code below succeeds even tough we removed ACL access
> permissions for "/a".
> {code}
> zk.create("/a", null, Ids.OPEN_ACL_UNSAFE, CreateMode.CONTAINER);
> ArrayList<ACL> list = new ArrayList<>();
> list.add(new ACL(0, Ids.ANYONE_ID_UNSAFE));
> zk.setACL("/", list, -1);
> zk.delete("/a", -1);
> {code}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
