[ https://issues.apache.org/jira/browse/KAFKA-5547?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ismael Juma updated KAFKA-5547:
-------------------------------
    Labels: security usability  (was: )

> Return topic authorization failed if no topic describe access
> -------------------------------------------------------------
>
>                 Key: KAFKA-5547
>                 URL: https://issues.apache.org/jira/browse/KAFKA-5547
>             Project: Kafka
>          Issue Type: Improvement
>            Reporter: Jason Gustafson
>              Labels: security, usability
>             Fix For: 0.11.1.0
>
>
> We previously made a change to several of the request APIs to return 
> UNKNOWN_TOPIC_OR_PARTITION if the principal does not have Describe access to 
> the topic. The thought was to avoid leaking information about which topics 
> exist. The problem with this is that a client which sees this error will just 
> keep retrying because it is usually treated as retriable. It seems, however, 
> that we could return TOPIC_AUTHORIZATION_FAILED instead and still avoid 
> leaking information as long as we ensure that the Describe authorization 
> check comes before the topic existence check. This would avoid the ambiguity 
> on the client.
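The ordering argument in the issue description is easy to get wrong, so here is a small model of it. This is an added example, not Kafka's broker or client code: a toy broker answers a describe-style request for one topic in three ways (the naive existence-first order that leaks, the earlier approach that masks unauthorized topics as UNKNOWN_TOPIC_OR_PARTITION, and the proposed authorization-first order), and a toy client retries only on the error it treats as retriable. The `Broker` class, the `*` wildcard ACL and the `client_fetch` retry loop are assumptions made for the example; the error names are the ones from the issue.

```python
"""Toy model of the check ordering discussed in KAFKA-5547 (added example, not Kafka code)."""
from dataclasses import dataclass

# Error codes named in the issue; values are just labels here.
NONE = "NONE"
UNKNOWN_TOPIC_OR_PARTITION = "UNKNOWN_TOPIC_OR_PARTITION"
TOPIC_AUTHORIZATION_FAILED = "TOPIC_AUTHORIZATION_FAILED"

# The issue notes clients usually treat UNKNOWN_TOPIC_OR_PARTITION as retriable.
RETRIABLE = {UNKNOWN_TOPIC_OR_PARTITION}


@dataclass
class Broker:
    """Assumed broker model: a set of existing topics and per-principal Describe ACLs."""
    topics: set
    describe_acls: dict  # principal -> set of topic names, "*" meaning all topics

    def has_describe(self, principal, topic):
        allowed = self.describe_acls.get(principal, set())
        return "*" in allowed or topic in allowed

    def handle_existence_first(self, principal, topic):
        # Leaky order: an unauthorized caller can tell a missing topic
        # (UNKNOWN_TOPIC_OR_PARTITION) from an existing one (TOPIC_AUTHORIZATION_FAILED).
        if topic not in self.topics:
            return UNKNOWN_TOPIC_OR_PARTITION
        if not self.has_describe(principal, topic):
            return TOPIC_AUTHORIZATION_FAILED
        return NONE

    def handle_mask_as_unknown(self, principal, topic):
        # The earlier approach from the issue: hide unauthorized topics behind
        # UNKNOWN_TOPIC_OR_PARTITION. No leak, but the error is retriable on the client.
        if topic not in self.topics or not self.has_describe(principal, topic):
            return UNKNOWN_TOPIC_OR_PARTITION
        return NONE

    def handle_authz_first(self, principal, topic):
        # Proposed order: Describe authorization before the existence check, so an
        # unauthorized caller always gets TOPIC_AUTHORIZATION_FAILED regardless of
        # whether the topic exists, and an authorized caller still learns existence.
        if not self.has_describe(principal, topic):
            return TOPIC_AUTHORIZATION_FAILED
        if topic not in self.topics:
            return UNKNOWN_TOPIC_OR_PARTITION
        return NONE


def leaks_existence(handler, principal, existing_topic, missing_topic):
    """True if the handler gives the principal different answers for an existing
    and a missing topic, i.e. the response reveals which topics exist."""
    return handler(principal, existing_topic) != handler(principal, missing_topic)


def client_fetch(handler, principal, topic, max_attempts=5):
    """Assumed client loop: retry while the error is retriable, otherwise stop.
    Returns (final_error, attempts_made)."""
    attempts = 0
    error = None
    while attempts < max_attempts:
        attempts += 1
        error = handler(principal, topic)
        if error not in RETRIABLE:
            break
    return error, attempts


# Constructed sample cluster: "orders" exists, "ghost" does not;
# alice has no Describe access, bob has Describe on everything.
BROKER = Broker(topics={"orders"}, describe_acls={"bob": {"*"}})

if __name__ == "__main__":
    for name, handler in [("existence_first", BROKER.handle_existence_first),
                          ("mask_as_unknown", BROKER.handle_mask_as_unknown),
                          ("authz_first", BROKER.handle_authz_first)]:
        leak = leaks_existence(handler, "alice", "orders", "ghost")
        err, tries = client_fetch(handler, "alice", "orders")
        print(f"{name:16} leaks existence: {leak!s:5} client result: {err} after {tries} attempt(s)")
```

Run it and the three rows summarise the issue: the naive order leaks topic existence, masking as UNKNOWN_TOPIC_OR_PARTITION stops the leak but keeps the unauthorized client retrying until it gives up, and checking Describe first stops the leak and fails the client fast, while an authorized principal still receives UNKNOWN_TOPIC_OR_PARTITION for a topic that does not exist.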



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to