New error category: SecurityAlert (#14957)

CHANGELOG_BEGIN
Added new error category "SecurityAlert".
Corrected documentation of GRPC status codes for error categories MaliciousOrFaultyBehavior, AuthInterceptorInvalidAuthenticationCredentials, and InsufficientPermission.
CHANGELOG_END
Matthias Schmalz 2022-09-07 15:57:04 +02:00 committed by GitHub
parent 09d9dd903c
commit 08559be6af
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 42 additions and 6 deletions


@ -66,7 +66,7 @@ MaliciousOrFaultyBehaviour
**Default log level**: WARN
**Description**: Request processing failed due to unrecoverable data loss or corruption (e.g. detected via checksums). This error is exposed on the API with grpc-status INTERNAL without any details for security reasons
**Description**: Request processing failed due to unrecoverable data loss or corruption (e.g. detected via checksums). This error is exposed on the API with grpc-status UNKNOWN without any details for security reasons
**Resolution**: Expectation: this can be a severe issue that requires operator attention or intervention, and potentially vendor support.
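Review bot: the corrected `grpc-status UNKNOWN` wording in the MaliciousOrFaultyBehaviour description is hand-maintained text, and the section's own `**gRPC status code**:` field (the format used by every section in this file, see the SecurityAlert entry below) sits above the seven lines of context shown here; please confirm that field also reads UNKNOWN so the same section does not state two different codes. Minor: the description sentence still ends without a period ("...for security reasons"), while the new SecurityAlert description in this file ends with one.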
@ -81,7 +81,7 @@ AuthInterceptorInvalidAuthenticationCredentials
**Default log level**: WARN
**Description**: The request does not have valid authentication credentials for the operation. This error is exposed on the API with grpc-status INTERNAL without any details for security reasons
**Description**: The request does not have valid authentication credentials for the operation. This error is exposed on the API with grpc-status UNAUTHENTICATED without any details for security reasons
**Resolution**: Expectation: this is an application bug, application misconfiguration or ledger-level misconfiguration. Resolution requires application and/or ledger operator intervention.
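Review bot: same punctuation nit as the previous hunk, the description line "...without any details for security reasons" has no closing period although the new SecurityAlert entry in this file does; since these lines are rendered verbatim, the three corrected descriptions should use one convention. The substantive change is right: UNAUTHENTICATED is the gRPC code for missing or invalid credentials, and returning it without details keeps the API from confirming which part of the credential was rejected.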
@ -96,13 +96,28 @@ InsufficientPermission
**Default log level**: WARN
**Description**: The caller does not have permission to execute the specified operation. This error is exposed on the API with grpc-status INTERNAL without any details for security reasons
**Description**: The caller does not have permission to execute the specified operation. This error is exposed on the API with grpc-status PERMISSION_DENIED without any details for security reasons
**Resolution**: Expectation: this is an application bug or application misconfiguration. Resolution requires application operator intervention.
**Retry strategy**: Retry after application operator intervention.
SecurityAlert
========================================================================================================================
**Category id**: 15
**gRPC status code**: INVALID_ARGUMENT
**Default log level**: WARN
**Description**: A potential attack has been detected. This error is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons.
**Resolution**: Expectation: this can be a severe issue that requires operator attention or intervention, and potentially vendor support.
**Retry strategy**: Errors in this category are non-retryable.
InvalidIndependentOfSystemState
========================================================================================================================
**Category id**: 8
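Review bot: the new SecurityAlert section says `Errors in this category are non-retryable` but does not tell an API client what it will actually observe, which is a bare INVALID_ARGUMENT that is indistinguishable from InvalidIndependentOfSystemState (category id 8, same status code); consider adding one sentence stating that this is deliberate, that the response carries no indication an alert fired, and that the only record is the WARN log entry, so operators know to alert on the category in the logs rather than on the gRPC status. Also, category id 15 is placed between InsufficientPermission and id 8 in reading order; that is fine if sections follow the order of the `ErrorCategory` list in the Scala file rather than numeric id, but worth a check if this rst is generated from the annotations.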


@ -46,6 +46,7 @@ object ErrorCategory {
MaliciousOrFaultyBehaviour,
AuthInterceptorInvalidAuthenticationCredentials,
InsufficientPermission,
SecurityAlert,
InvalidIndependentOfSystemState,
InvalidGivenCurrentSystemStateOther,
InvalidGivenCurrentSystemStateResourceExists,
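Review bot: SecurityAlert is inserted into this sequence at the same position as in the docs, but its `asInt` (15, per the object added later in this diff) breaks the numeric order of its neighbours; any code or test that assumes this list is sorted by `asInt`, or that indexes into it, now gets a different answer. Suggest a unit test asserting that `asInt` is unique across all entries of this list and that every `ErrorCategory` object appears in it exactly once, so the next addition cannot silently reuse an id or be forgotten here.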
@ -157,7 +158,7 @@ object ErrorCategory {
*/
@Description(
"""Request processing failed due to unrecoverable data loss or corruption
|(e.g. detected via checksums). This error is exposed on the API with grpc-status INTERNAL without any details for security reasons"""
|(e.g. detected via checksums). This error is exposed on the API with grpc-status UNKNOWN without any details for security reasons"""
)
@RetryStrategy("Retry after operator intervention.")
@Resolution(
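Review bot: nothing ties the status-code name inside this `@Description` string to the `grpcCode` argument of the same object (not shown in the hunk), which is exactly how the three wrong INTERNAL mentions that this commit fixes crept in. Consider generating the "This error is exposed on the API with grpc-status X" sentence from `grpcCode` when the docs are rendered, or adding a test that parses each `@Description` and checks the named code against `grpcCode`; either way, please double-check that this object's `grpcCode` is `Code.UNKNOWN` so the corrected text is now accurate.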
@ -178,7 +179,7 @@ object ErrorCategory {
/** Client is not authenticated properly
*/
@Description(
"""The request does not have valid authentication credentials for the operation. This error is exposed on the API with grpc-status INTERNAL without any details for security reasons"""
"""The request does not have valid authentication credentials for the operation. This error is exposed on the API with grpc-status UNAUTHENTICATED without any details for security reasons"""
)
@RetryStrategy("""Retry after application operator intervention.""")
@Resolution(
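Review bot: the corrected description is a single long string literal, while the neighbouring MaliciousOrFaultyBehaviour description in the previous hunk wraps with `|` continuation lines; wrapping this one the same way would keep the file uniform and make future diffs of these sentences smaller. On substance, UNAUTHENTICATED is correct here, and it is the right call not to distinguish "no credentials" from "bad credentials" in the response.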
@ -199,7 +200,7 @@ object ErrorCategory {
/** Client does not have appropriate permissions
*/
@Description(
"""The caller does not have permission to execute the specified operation. This error is exposed on the API with grpc-status INTERNAL without any details for security reasons"""
"""The caller does not have permission to execute the specified operation. This error is exposed on the API with grpc-status PERMISSION_DENIED without any details for security reasons"""
)
@RetryStrategy("""Retry after application operator intervention.""")
@Resolution(
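Review bot: the description now promises PERMISSION_DENIED "without any details", but that guarantee comes from the object's `securitySensitive` flag, which lies outside the shown lines; please confirm it is `true` for InsufficientPermission (as it is for the new SecurityAlert object in the next hunk), otherwise the text overstates what the API does. Same punctuation nit as the other two corrected descriptions: no closing period.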
@ -217,6 +218,26 @@ object ErrorCategory {
)
with ErrorCategory
@Description(
"""A potential attack has been detected.
|This error is exposed on the API with grpc-status INVALID_ARGUMENT without any details for security reasons."""
)
@RetryStrategy("Errors in this category are non-retryable.")
@Resolution(
"""Expectation: this can be a severe issue that requires operator attention or intervention, and
|potentially vendor support."""
)
object SecurityAlert
extends ErrorCategoryImpl(
grpcCode = Some(Code.INVALID_ARGUMENT),
logLevel = Level.WARN,
retryable = None,
securitySensitive = true,
asInt = 15,
rank = 1,
)
with ErrorCategory
/** A request which is never going to be valid
*/
@Description("""The request is invalid independent of the state of the system.""")