Skip to content

binder: REMOTE_UID must hold exactly the uid passed to the SecurityPolicy and never change #12314

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Aug 28, 2025
Merged

binder: REMOTE_UID must hold exactly the uid passed to the SecurityPolicy and never change #12314

merged 3 commits into from
Aug 28, 2025

Conversation

@jdcormie
Copy link
Member

@jdcormie jdcormie commented Aug 27, 2025
edited
Loading

attributes = setSecurityAttrs(attributes, remoteUid); should not run for :

  • a malformed SETUP_TRANSPORT transaction
  • a rogue SETUP_TRANSPORT transaction that arrives post-TransportState.SETUP

@jdcormie jdcormie changed the title binder: A post-setup SETUP_TRANSPORT must not change the already-authorized REMOTE_UID binder: REMOTE_UID must hold exactly the uid passed to the SecurityPolicy and never change Aug 27, 2025
@jdcormie jdcormie requested a review from ejona86 August 27, 2025 19:46
@ejona86
Copy link
Member

ejona86 commented Aug 27, 2025

That Windows failure has been happening since one of the servlet changes got submitted. Let me not make Windows required, and use MacOS instead

@ejona86
Copy link
Member

ejona86 commented Aug 27, 2025

I swapped it to MacOS. You can ignore the tomcat failure for now.

@jdcormie jdcormie added the kokoro:force-run Add this label to a PR to tell Kokoro to re-run all tests. Not generally necessary label Aug 27, 2025
@grpc-kokoro grpc-kokoro removed the kokoro:force-run Add this label to a PR to tell Kokoro to re-run all tests. Not generally necessary label Aug 27, 2025
@jdcormie jdcormie merged commit c643e68 into grpc:master Aug 28, 2025
15 of 16 checks passed
@jdcormie
Copy link
Member Author

jdcormie commented Aug 28, 2025

TGP passes as fusion2/OCL:800140507:BASE:800123067:1756358895371:b52a1c59

AgraVator pushed a commit to AgraVator/grpc-java that referenced this pull request Sep 26, 2025
@jdcormie @AgraVator
binder: REMOTE_UID must hold exactly the uid passed to the SecurityPo…
840f1e2 
…licy and never change (grpc#12314)

`attributes = setSecurityAttrs(attributes, remoteUid);` should not run
for :
- a malformed SETUP_TRANSPORT transaction
- a rogue SETUP_TRANSPORT transaction that arrives
post-TransportState.SETUP
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ejona86 ejona86 ejona86 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jdcormie @ejona86 @grpc-kokoro