Bug #3066: impermissible OSD ops get dropped on the floor - Ceph - Ceph

Bug #3066

impermissible OSD ops get dropped on the floor

Added by Greg Farnum over 10 years ago. Updated about 10 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Category:

OSD

Target version:

v0.52a

% Done:

Source:

Development

Tags:

Backport:

Regression:

Severity:

Reviewed:

Affected Versions:

ceph-qa-suite:

Pull request ID:

Crash signature (v1):

Crash signature (v2):

Description

Right now, an OSD operation that has insufficient permissions gets dropped without an EPERM error being sent back. I can't think of any good DoS reasons to do something like that, and the user experience (eg, using the wrong key, or having messed up granted permissions) can be really terrible, so fix!

It's actually a really simple patch but I'm working on other things and don't want to sidetrack myself into validating it right now — just fix up the couple places that call op_has_sufficient_caps() to call service.reply_op_error(op, -EPERM) before returning.

Associated revisions

Revision a73777a9 (diff)
Added by Sage Weil over 10 years ago

osd: return -EPERM on insufficient caps

Send a failure to the client instead of dropping the request on the floor.

Fixes: #3066
Signed-off-by: Sage Weil <sage@inktank.com>

History

#1 Updated by Sage Weil about 10 years ago

Status changed from New to Resolved

Also available in: Atom PDF

Project

General

Profile

Ceph

Issues

Tags

Custom queries

Bug #3066

impermissible OSD ops get dropped on the floor

Associated revisions

History

#1 Updated by Sage Weil about 10 years ago