Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/11753 )
Change subject: authz: verify tokens on scans
......................................................................

Patch Set 8:

(2 comments)

http://gerrit.cloudera.org:8080/#/c/11753/7/src/kudu/common/schema.h
File src/kudu/common/schema.h:

http://gerrit.cloudera.org:8080/#/c/11753/7/src/kudu/common/schema.h@552
PS7, Line 552: inline const std::vector<ColumnId>& column_ids() const {
> Isn't inline implied by virtue of this being a function defined in the head
That's a good point, I blindly copied the const ref from column_by_id(). I'll remove both.

http://gerrit.cloudera.org:8080/#/c/11753/4/src/kudu/tserver/tablet_service.cc
File src/kudu/tserver/tablet_service.cc:

http://gerrit.cloudera.org:8080/#/c/11753/4/src/kudu/tserver/tablet_service.cc@427
PS4, Line 427: return false;
> If a user sends raw RPCs in order to get a diff scan (i.e. two timestamps)
Yeah, I had a similar train of thought with the following example:
- user has access on non-key columns
- user scans with a predicate on the non-key columns and gets back one row
- user does a diff scan and learns a history of that single row

I'm not 100% convinced that that would be a vulnerability, but something doesn't sit quite right with me about it.

--
To view, visit http://gerrit.cloudera.org:8080/11753
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I7a5d81cf215a5d936f8853feba05778038764905
Gerrit-Change-Number: 11753
Gerrit-PatchSet: 8
Gerrit-Owner: Andrew Wong <[email protected]>
Gerrit-Reviewer: Adar Dembo <[email protected]>
Gerrit-Reviewer: Andrew Wong <[email protected]>
Gerrit-Reviewer: Dan Burkert <[email protected]>
Gerrit-Reviewer: Hao Hao <[email protected]>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Reviewer: Tidy Bot (241)
Gerrit-Comment-Date: Tue, 19 Mar 2019 05:57:28 +0000
Gerrit-HasComments: Yes
