You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@kudu.apache.org by "Hao Hao (JIRA)" <ji...@apache.org> on 2017/05/18 20:18:04 UTC

[jira] [Resolved] (KUDU-1875) Refuse unauthenticated connections from publicly routable IP addrs

     [ https://issues.apache.org/jira/browse/KUDU-1875?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Hao Hao resolved KUDU-1875.
---------------------------
       Resolution: Fixed
    Fix Version/s: 1.4.0

> Refuse unauthenticated connections from publicly routable IP addrs
> ------------------------------------------------------------------
>
>                 Key: KUDU-1875
>                 URL: https://issues.apache.org/jira/browse/KUDU-1875
>             Project: Kudu
>          Issue Type: Improvement
>          Components: rpc, security
>    Affects Versions: 1.2.0
>            Reporter: Dan Burkert
>            Assignee: Hao Hao
>             Fix For: 1.4.0
>
>
> Kudu should by default not accept unauthenticated connections from publicly routable IPs, even if authentication and encryption are not configured.  An unsafe flag should be provided to enable unauthenticated connections from publicly routable IPs, with appropriately scary verbiage and a link to https://krebsonsecurity.com/2017/01/extortionists-wipe-thousands-of-databases-victims-who-pay-up-get-stiffed/.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)