From 84fb1bf3eefe88c0f5f15034d69c171e6531bf76 Mon Sep 17 00:00:00 2001 From: Yehuda Sadeh Date: Tue, 5 Nov 2013 14:54:20 -0800 Subject: [PATCH] rgw: deny writes to a secondary zone by non-system users Fixes: #6678 We don't want to allow regular users to write to secondary zones, otherwise we'd end up with data inconsistencies. Reviewed-by: Josh Durgin Signed-off-by: Yehuda Sadeh --- src/rgw/rgw_op.cc | 5 +++++ src/rgw/rgw_rados.cc | 4 ++++ src/rgw/rgw_rados.h | 3 +++ 3 files changed, 12 insertions(+) diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc index c750276596f83..bd73a239a4bf1 100644 --- a/src/rgw/rgw_op.cc +++ b/src/rgw/rgw_op.cc @@ -418,6 +418,11 @@ int RGWOp::verify_op_mask() return -EPERM; } + if (!s->system_request && (required_mask & RGW_OP_TYPE_MODIFY) && !store->zone.is_master) { + ldout(s->cct, 5) << "NOTICE: modify request to a non-master zone by a non-system user, permission denied" << dendl; + return -EPERM; + } + return 0; } diff --git a/src/rgw/rgw_rados.cc b/src/rgw/rgw_rados.cc index 4d6f8ef45301a..55d4b92bcbdb0 100644 --- a/src/rgw/rgw_rados.cc +++ b/src/rgw/rgw_rados.cc @@ -362,6 +362,10 @@ int RGWZoneParams::init(CephContext *cct, RGWRados *store, RGWRegion& region) return -EIO; } + is_master = (name == region.master_zone) || (region.master_zone.empty() && name == "default"); + + ldout(cct, 2) << "zone " << name << " is " << (is_master ? "" : "NOT ") << "master" << dendl; + return 0; } diff --git a/src/rgw/rgw_rados.h b/src/rgw/rgw_rados.h index 874492ffe692d..476572ce3f6c9 100644 --- a/src/rgw/rgw_rados.h +++ b/src/rgw/rgw_rados.h @@ -428,11 +428,14 @@ struct RGWZoneParams { rgw_bucket user_uid_pool; string name; + bool is_master; RGWAccessKey system_key; map placement_pools; + RGWZoneParams() : is_master(false) {} + static int get_pool_name(CephContext *cct, string *pool_name); void init_name(CephContext *cct, RGWRegion& region); int init(CephContext *cct, RGWRados *store, RGWRegion& region); -- 2.39.5