[ 
https://issues.apache.org/jira/browse/SPARK-57889?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Peter Toth updated SPARK-57889:
-------------------------------
    Affects Version/s:     (was: 4.2.0)

> Authorize StreamRequest consistently with ChunkFetchRequest in the transport 
> layer
> ----------------------------------------------------------------------------------
>
>                 Key: SPARK-57889
>                 URL: https://issues.apache.org/jira/browse/SPARK-57889
>             Project: Spark
>          Issue Type: Bug
>          Components: Spark Core
>    Affects Versions: 3.5.8, 4.1.2, 4.0.3
>            Reporter: Peter Toth
>            Assignee: Peter Toth
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 3.5.9, 4.3.0, 4.1.3, 4.0.4, 4.2.1
>
>
> The transport layer serves both ChunkFetchRequest and StreamRequest from the 
> same StreamManager. ChunkFetchRequestHandler calls 
> streamManager.checkAuthorization to enforce per-application ownership 
> (clientId == appId), but TransportRequestHandler.processStreamRequest calls 
> openStream directly with no such check. Because 
> OneForOneStreamManager.openStream addresses the same registered streams by 
> their string id ("streamId_chunkIndex"), a StreamRequest can read a stream 
> that the ChunkFetchRequest path would have authorized.
> Fix: call streamManager.checkAuthorization in processStreamRequest before 
> openStream, mirroring ChunkFetchRequestHandler. Add a 
> checkAuthorization(TransportClient, String) overload to StreamManager (no-op 
> default), overridden in OneForOneStreamManager to parse the string id and 
> delegate to the existing checkAuthorization(TransportClient, long). Like the 
> existing ChunkFetchRequest check, this enforces only for authenticated 
> clients (non-null client id); behavior is unchanged when authentication is 
> disabled.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to