
db-console: Allow users with MODIFYCLUSTERSETTING to view unredacted cluster settings #137698

Open
kyle-a-wong opened this issue Dec 18, 2024 · 0 comments
Labels
branch-master Failures and bugs on the master branch. C-bug Code not up to spec/doc, specs & docs deemed correct. Solution expected to change code/behavior. T-observability

Comments

kyle-a-wong (Contributor) commented Dec 18, 2024

#115851 introduced logic to allow users with the MODIFYCLUSTERSETTING privilege to view sensitive cluster settings when viewing cluster settings via SQL. This same logic doesn't hold true for the cluster settings page in DB Console, where sensitive settings are always redacted unless the user is an admin. Based on this conversation, DB Console should have the same rules and should allow users with MODIFYCLUSTERSETTING to view sensitive cluster settings.

The reason why db-console doesn't show sensitive cluster setting values is because it implements its own authorization and redaction logic and accesses settings via the settings registry directly, instead of querying the crdb_internal table. Possible solutions:

  1. Update the admin server to query crdb_internal, which will take care of privilege checking
  2. Update the auth checking to allow users with MODIFYCLUSTERSETTING to view sensitive settings

Slack conversation for some more context: https://cockroachlabs.slack.com/archives/C063CP41TG9/p1734041508464959
Jira issue: CRDB-45709

@kyle-a-wong kyle-a-wong added C-bug Code not up to spec/doc, specs & docs deemed correct. Solution expected to change code/behavior. branch-master Failures and bugs on the master branch. T-observability labels Dec 18, 2024
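The gap described in the issue is a policy mismatch between two code paths that redact the same data. The Go program below is an added illustration, not CockroachDB's admin-server or settings-registry code: it models a settings registry with a sensitive flag, puts the redaction decision in a single function, and contrasts an admin-only policy (the DB Console behaviour the issue describes) with an admin-or-MODIFYCLUSTERSETTING policy (the rule the SQL path applies). The setting names, values, privilege-set representation and user records are constructed for the example.

```go
package main

import (
	"fmt"
	"sort"
)

// Redacted is the placeholder returned in place of a sensitive value.
const Redacted = "<redacted>"

// Setting models one entry of a cluster-settings registry.
// Example data only; these are not CockroachDB's registry types.
type Setting struct {
	Name      string
	Value     string
	Sensitive bool
}

// User models a principal with an admin flag and a set of system privileges.
// The map-of-bool representation is an assumption made for this example.
type User struct {
	Name       string
	IsAdmin    bool
	Privileges map[string]bool
}

// HasPrivilege reports whether u holds the named system privilege.
// A nil map reads as false, so a user with no privileges is denied.
func (u User) HasPrivilege(p string) bool { return u.Privileges[p] }

// Policy decides whether a user may see unredacted sensitive values.
type Policy func(u User) bool

// AdminOnly is the rule the issue attributes to DB Console today.
func AdminOnly(u User) bool { return u.IsAdmin }

// AdminOrModifyClusterSetting is the rule the SQL path already applies
// and the issue proposes for DB Console.
func AdminOrModifyClusterSetting(u User) bool {
	return u.IsAdmin || u.HasPrivilege("MODIFYCLUSTERSETTING")
}

// ListSettings returns name -> value for every setting in registry,
// redacting sensitive values unless allow grants the user access.
// Redaction happens in exactly one place so that swapping the policy
// cannot leave a second, unreviewed code path that leaks a value.
func ListSettings(registry []Setting, u User, allow Policy) map[string]string {
	canSee := allow(u)
	out := make(map[string]string, len(registry))
	for _, s := range registry {
		if s.Sensitive && !canSee {
			out[s.Name] = Redacted
			continue
		}
		out[s.Name] = s.Value
	}
	return out
}

// ExampleRegistry is constructed sample data for the demonstration.
var ExampleRegistry = []Setting{
	{Name: "example.gc.ttl", Value: "4h0m0s", Sensitive: false},
	{Name: "example.webhook.auth_token", Value: "s3cr3t-token", Sensitive: true},
}

// printListing renders a listing in deterministic (sorted) order.
func printListing(label string, listing map[string]string) {
	names := make([]string, 0, len(listing))
	for n := range listing {
		names = append(names, n)
	}
	sort.Strings(names)
	fmt.Printf("%s:\n", label)
	for _, n := range names {
		fmt.Printf("  %-28s %s\n", n, listing[n])
	}
}

func main() {
	operator := User{Name: "operator", Privileges: map[string]bool{"MODIFYCLUSTERSETTING": true}}
	viewer := User{Name: "viewer"}
	printListing("operator, admin-only policy", ListSettings(ExampleRegistry, operator, AdminOnly))
	printListing("operator, admin-or-MODIFYCLUSTERSETTING policy", ListSettings(ExampleRegistry, operator, AdminOrModifyClusterSetting))
	printListing("viewer, admin-or-MODIFYCLUSTERSETTING policy", ListSettings(ExampleRegistry, viewer, AdminOrModifyClusterSetting))
}
```

Whichever of the two solutions in the issue is chosen, the property to check is the one the test below encodes: the same user must get the same redaction result from both the SQL listing and the console listing, and a user with neither admin nor MODIFYCLUSTERSETTING must still see the placeholder under either policy.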