Project

General

Profile

Actions

Bug #5994

closed

Access Based Enumeration not working after 1527

Added by Gordon Ross almost 7 years ago. Updated almost 7 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
-
Start date:
2015-06-09
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage
Gerrit CR:

Description

If you set the share property "abe=true" then users connected to that should only see files and directories for which they have some access.
This regressed after #1527 (sorry, missed this change when pulling forward fixes for that push).

Actions #1

Updated by Gordon Ross almost 7 years ago

  • Description updated (diff)
Actions #2

Updated by Gordon Ross almost 7 years ago

When ABE is set and we're getting attributes for a directory listing response,
we want the getattr calls to fail for objects on which we have no access.
That means we need to use the real credentials for that case.

When ABE is not set, we want to just list everything, and in order to avoid
unexpected errors getting attributes, we need to use zone_kcred().
That's what the code is always doing, for now.

Actions #3

Updated by Electric Monk almost 7 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

git commit 5a48565528ab0659af6d43ebe1659bfff8074e8f

commit  5a48565528ab0659af6d43ebe1659bfff8074e8f
Author: Kevin Crowe <kevin.crowe@nexenta.com>
Date:   2015-06-13T17:27:15.000Z

    5994 Access Based Enumeration not working after 1527
    Reviewed by: Jean McCormack <jean.mccormack@nexenta.com>
    Reviewed by: Steve Ping <steve.ping@nexenta.com>
    Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
    Reviewed by: Rob Gittins <rob.gittins@nexenta.com>
    Reviewed by: Igor Kozhukhov <ikozhukhov@gmail.com>
    Approved by: Robert Mustacchi <rm@joyent.com>

Actions

Also available in: Atom PDF