You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Jonathan Ellis (Resolved) (JIRA)" <ji...@apache.org> on 2011/11/08 00:58:51 UTC
[jira] [Resolved] (CASSANDRA-2274) Restrict Cassandra cluster node
joins to a list of named hosts
[ https://issues.apache.org/jira/browse/CASSANDRA-2274?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jonathan Ellis resolved CASSANDRA-2274.
---------------------------------------
Resolution: Not A Problem
Looks to me like between iptables and encryption we have this covered. Getting your ops team to use those appropriately is frankly an exercise for the reader. We don't have so many resources that we should squander them reinventing wheels that are better handled elsewhere.
> Restrict Cassandra cluster node joins to a list of named hosts
> --------------------------------------------------------------
>
> Key: CASSANDRA-2274
> URL: https://issues.apache.org/jira/browse/CASSANDRA-2274
> Project: Cassandra
> Issue Type: Improvement
> Components: Core
> Affects Versions: 0.7.2
> Environment: All
> Reporter: Andrew Schiefelbein
>
> Because firewalls and employees are not infallible it would be nice to restrict the ability of any node to join a cluster to a list of named hosts in the configuration so that someone would be unable to start a node and replicate all the data locally. I understand that in order to do this the person must know the seed servers and the cluster name and to extract the data they will need a userid and password but another level of security would be to force them to execute any brute force attack from a locked down server instead of replicating all the data locally.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira