Nomad ACL roles with dangling policies cause permission evaluation issues #18619
Labels
stage/accepted
Confirmed, and intend to work on. No timeline committment though.
theme/allocation API
theme/security
type/bug
Nomad version
Issue
#17201 addressed the issue of roles with overlapping policies but there's another issue I stumbled upon related to a role containing one or more policies which have been deleted, which causes the list of allowed permissions to be erroneously computed; ultimately this results in allowed actions being denied to the user.
The involved code path is the same as for #17201, ACL.GetPolicies.
Reproduction steps
monitoring
andsystem
and deploy a simple job in thesystem
one.monitoring-admin
policyExpected Result
Actual Result
The text was updated successfully, but these errors were encountered: