Actions
Bug #3066
closedimpermissible OSD ops get dropped on the floor
% Done:
0%
Source:
Development
Tags:
Backport:
Regression:
Severity:
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
Right now, an OSD operation that has insufficient permissions gets dropped without an EPERM error being sent back. I can't think of any good DoS reasons to do something like that, and the user experience (eg, using the wrong key, or having messed up granted permissions) can be really terrible, so fix!
It's actually a really simple patch but I'm working on other things and don't want to sidetrack myself into validating it right now — just fix up the couple places that call op_has_sufficient_caps() to call service.reply_op_error(op, -EPERM) before returning.
Actions