cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brandon Williams (JIRA)" <j...@apache.org>
Subject [jira] [Assigned] (CASSANDRA-5401) Pluggable security feature to prevent node from joining a cluster and running destructive commands
Date Mon, 01 Apr 2013 22:03:17 GMT

     [ https://issues.apache.org/jira/browse/CASSANDRA-5401?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Brandon Williams reassigned CASSANDRA-5401:
-------------------------------------------

    Assignee: Aleksey Yeschenko
    
> Pluggable security feature to prevent node from joining a cluster and running destructive
commands
> --------------------------------------------------------------------------------------------------
>
>                 Key: CASSANDRA-5401
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-5401
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Config, Core
>    Affects Versions: 1.1.10
>         Environment: Production
>            Reporter: Ahmed Bashir
>            Assignee: Aleksey Yeschenko
>              Labels: configuration, security
>
> It's possible for a node to join an existing cluster (with perhaps more stringent security
restrictions i.e. not using AllowAllAuthentication) and issue destructive commands that affect
the cluster at large (e.g. drop keyspace via cassandra-cli, etc).  
> This can be circumvented with a pluggable security module that could be used to implement
basic node vetting/identification/etc.  

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message