From commits-return-17721-archive-asf-public=cust-asf.ponee.io@pulsar.apache.org Mon Nov 19 20:53:34 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id D4C1B180675 for ; Mon, 19 Nov 2018 20:53:33 +0100 (CET) Received: (qmail 80222 invoked by uid 500); 19 Nov 2018 19:53:33 -0000 Mailing-List: contact commits-help@pulsar.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@pulsar.apache.org Delivered-To: mailing list commits@pulsar.apache.org Received: (qmail 80213 invoked by uid 99); 19 Nov 2018 19:53:33 -0000 Received: from ec2-52-202-80-70.compute-1.amazonaws.com (HELO gitbox.apache.org) (52.202.80.70) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 19 Nov 2018 19:53:33 +0000 From: GitBox To: commits@pulsar.apache.org Subject: [GitHub] ivankelly commented on issue #2986: Fix logic to validate admin calls from proxy (validateOriginalPrincipal) Message-ID: <154265721248.21437.4673693929259897688.gitbox@gitbox.apache.org> Date: Mon, 19 Nov 2018 19:53:32 -0000 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit ivankelly commented on issue #2986: Fix logic to validate admin calls from proxy (validateOriginalPrincipal) URL: https://github.com/apache/pulsar/pull/2986#issuecomment-440021008 @jai1 @merlimat to put it another way, if we did not have proxyRoles, what would an attack that took advantage of that look like? ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: users@infra.apache.org With regards, Apache Git Services