hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Purtell (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HBASE-13772) Replication endpoints should restrict access to a limited set of principals
Date Sat, 18 Jun 2016 00:20:05 GMT

     [ https://issues.apache.org/jira/browse/HBASE-13772?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Andrew Purtell updated HBASE-13772:
-----------------------------------
    Assignee:     (was: Andrew Purtell)

> Replication endpoints should restrict access to a limited set of principals
> ---------------------------------------------------------------------------
>
>                 Key: HBASE-13772
>                 URL: https://issues.apache.org/jira/browse/HBASE-13772
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Andrew Purtell
>            Priority: Critical
>             Fix For: 2.0.0
>
>
> Replication endpoints will accept RPC connections from any Kerberos principal that is
trusted by the endpoint's local KDC. This is far too open and may allow for the establishment
of rogue endpoints (in conjunction with HBASE-13771). 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message