zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From nkalmar <...@git.apache.org>
Subject [GitHub] zookeeper pull request #:
Date Wed, 01 Aug 2018 07:19:17 GMT
Github user nkalmar commented on the pull request:

    https://github.com/apache/zookeeper/commit/a2623a625a4778720f7d5482d0a66e9b37ae556f#commitcomment-29917129
  
    @maoling , the problem is, there is no security implemented. Anyone user who can access
ZooKeeper, can send commands to the ensemble. While all 4ltw commands is read-only, some takes
quite some time, so a DOS attack is actually possible. 
    
    So it has been deemed unsecure and deprecated, as far as I know. Originally I implemented
the 4ltw command for this PR but the I was suggested to remove from 3.6 and 3.5


---

Mime
View raw message