You are viewing a plain text version of this content. The canonical link for it is here.

Posted to github@trafficserver.apache.org by "bneradt (via GitHub)" <gi...@apache.org> on 2023/02/15 17:33:18 UTC

[GitHub] [trafficserver] bneradt opened a new pull request, #9415: Make jsonrcp restricted_api false by default.

bneradt opened a new pull request, #9415:
URL: https://github.com/apache/trafficserver/pull/9415

   Making restricted_api false by default will cause ATS to enforce socket permissions rather than relying upon the DAC of the socket. With this change, ATS will restrict access to privileged users for write operations while allowing broader access for read-only options. Thus `traffic_ctl config get` will be generally accessible since it is a read-only operation, while `traffic_ctl config set` will require privilege since it modifies the configuration. This default should be reasonable since that is how 9.0 used to behave.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] bneradt merged pull request #9415: Make jsonrcp restricted_api false by default.

Posted by "bneradt (via GitHub)" <gi...@apache.org>.

bneradt merged PR #9415:
URL: https://github.com/apache/trafficserver/pull/9415


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org