impermissible OSD ops get dropped on the floor
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Right now, an OSD operation that has insufficient permissions gets dropped without an EPERM error being sent back. I can't think of any good DoS reasons to do something like that, and the user experience (eg, using the wrong key, or having messed up granted permissions) can be really terrible, so fix!
It's actually a really simple patch but I'm working on other things and don't want to sidetrack myself into validating it right now — just fix up the couple places that call op_has_sufficient_caps() to call service.reply_op_error(op, -EPERM) before returning.
osd: return -EPERM on insufficient caps
Send a failure to the client instead of dropping the request on the floor.
Signed-off-by: Sage Weil <email@example.com>
#1 Updated by Sage Weil about 10 years ago
- Status changed from New to Resolved