You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafficserver.apache.org by "Leif Hedstrom (JIRA)" <ji...@apache.org> on 2011/05/08 21:52:03 UTC

[jira] [Updated] (TS-766) Authenticate access to cluster command port

     [ https://issues.apache.org/jira/browse/TS-766?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Leif Hedstrom updated TS-766:
-----------------------------

    Fix Version/s: 3.1

Moving this out to v3.1, it's a good suggestion, I just don't think anyone has the time to fix this for v3.0. If security is a concern, and you need clustering, the only suggestion I have is to do ACLs of some sort (e.g. iptables or other firewall rules, which ought to be easy to setup).

> Authenticate access to cluster command port
> -------------------------------------------
>
>                 Key: TS-766
>                 URL: https://issues.apache.org/jira/browse/TS-766
>             Project: Traffic Server
>          Issue Type: Improvement
>          Components: Clustering, Network
>    Affects Versions: 2.1.8
>            Reporter: Arno Toell
>              Labels: security
>             Fix For: 3.1
>
>
> Similar to TS-765, the cluster RPC interface should not be reachable by everyone. Instead some kind of peer authentication should apply. When clustering is enabled, please authenticate and/or restrict access to the RPC interface in a way only trusted peers are allowed to control the server. 

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira