[jboss-jira] [JBoss JIRA] (WFLY-2379) Can't call "describe" via JMX

RH Bugzilla Integration (JIRA) jira-events at lists.jboss.org
Thu Oct 24 12:18:02 EDT 2013 

    [ https://issues.jboss.org/browse/WFLY-2379?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12824709#comment-12824709 ] 

RH Bugzilla Integration commented on WFLY-2379:
-----------------------------------------------

Brian Stansberry <brian.stansberry at redhat.com> made a comment on [bug 1023100|https://bugzilla.redhat.com/show_bug.cgi?id=1023100]

I changed the title. We won't be exposing these over the other interfaces. This isn't really related to RBAC.
                
> Can't call "describe" via JMX
> -----------------------------
>
>                 Key: WFLY-2379
>                 URL: https://issues.jboss.org/browse/WFLY-2379
>             Project: WildFly
>          Issue Type: Sub-task
>      Security Level: Public(Everyone can see) 
>          Components: Domain Management, JMX
>            Reporter: Ladislav Thon
>            Assignee: Kabir Khan
>            Priority: Minor
>              Labels: rbac-filed-by-qa
>
> It's not possible to call "non-published" operations (those that are not visible in the resource tree, e.g. {{describe}}) via JMX, while it's entirely possible to call them via CLI (e.g. {{/subsystem=security:describe}}) and other management interfaces.
> The problem lies in the fact that {{ModelControllerMBeanHelper.invoke}} method checks {{if (!accessControl.isExecutableOperation(operationName))}} and the {{isExecutableOperation}} method assumes that the operation will be visible in the resource tree. In fact, there is a comment stating _should not happen_, but now we know that it indeed _can_ happen.
> What's more, it gives a misleading error message. The {{isExecutableOperation}} returns {{false}} for unknown operations, which results in {{Not authorized to invoke operation}} message. Which is wrong in two different ways simultaneously: 1. the problem isn't authorization, but the fact that the operation can't be found; 2. the user (e.g. in the {{SuperUser}} role) _is_ authorized.
> I'm considering this low priority, because 1. JMX is likely to be very rarely used to access the management interface, 2. hiding information isn't nearly as important as leaking them, 3. non-published operations aren't nearly as important as the published ones. It's worth a JIRA nevertheless.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list