geode-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jinmei Liao (JIRA)" <j...@apache.org>
Subject [jira] [Created] (GEODE-1909) A user with no privilege can start a server
Date Mon, 19 Sep 2016 18:14:20 GMT
Jinmei Liao created GEODE-1909:
----------------------------------

             Summary: A user with no privilege can start a server
                 Key: GEODE-1909
                 URL: https://issues.apache.org/jira/browse/GEODE-1909
             Project: Geode
          Issue Type: Bug
            Reporter: Jinmei Liao


1) Start the locator with a security-manager:
start locator --name=loc1 --security-properties-file=security.properties --classpath=/Users/jiliao/my_gemfire/security

2) connect to the locator using: guest/guest

3), try start a server as guest:
start server --name=server1 --security-properties-file=serverSecurity.properties --locators=localhost[10334]

The server will be started.

We should allow only user with DATA:MANAGE permission to start a server.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message