You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by "stack (JIRA)" <ji...@apache.org> on 2018/03/02 04:21:00 UTC

[jira] [Updated] (HBASE-13772) Replication endpoints should restrict access to a limited set of principals

     [ https://issues.apache.org/jira/browse/HBASE-13772?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

stack updated HBASE-13772:
--------------------------
    Fix Version/s:     (was: 2.0.0)

> Replication endpoints should restrict access to a limited set of principals
> ---------------------------------------------------------------------------
>
>                 Key: HBASE-13772
>                 URL: https://issues.apache.org/jira/browse/HBASE-13772
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Andrew Purtell
>            Priority: Critical
>
> Replication endpoints will accept RPC connections from any Kerberos principal that is trusted by the endpoint's local KDC. This is far too open and may allow for the establishment of rogue endpoints (in conjunction with HBASE-13771). 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)