zookeeper-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexander Shraer <shra...@gmail.com>
Subject Re: Zookeeper with SSL release date
Date Fri, 01 Apr 2016 18:32:40 GMT
Hi Shawn,

My proposal was in the following context - Flavio suggested to add new
to disable reconfig in order not to surprise users with new security
that arise from dynamic reconfiguration. My point was that we already have
a mechanism we could use - ACLs. But if we need to do that while also
unprotected use of reconfig for some users, perhaps a flag is a better

I think we have some flexibility here since reconfig is a new feature so we
choose to be concervative and release it first only to people that do use
ACLs, but
I don't feel strongly about it, either way.

What do you think ?  Flavio, Patrick, what's your opinion on this ?


On Fri, Apr 1, 2016 at 10:16 AM, Shawn Heisey <apache@elyograg.org> wrote:

> This is a potential worry even without reconfig -- a malicious person
> could change or delete the entire database ... yet many people
> (including me) run without ACLs.
> My ZK ensemble is in a network location that unauthorized people can't
> reach without finding and exploiting some vulnerability that has not yet
> reached my awareness.
> If somebody can gain access to the ZK machines, at least one of my
> public-facing servers is already compromised.  ZK will be very low on my
> list of things to worry about.  Chances

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message