You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@accumulo.apache.org by GitBox <gi...@apache.org> on 2022/05/18 01:14:59 UTC

[GitHub] [accumulo] ctubbsii commented on pull request #2707: Cached last 16 successful ZKSecurityTool.checkCryptPass password checks

ctubbsii commented on PR #2707:
URL: https://github.com/apache/accumulo/pull/2707#issuecomment-1129467314

   There's probably a bit of a difference between not yet garbage collected objects and a well-known data structure containing them in a central place for a period of time. I haven't looked into them being stored in the Session you're referring to, so I don't have an opinion about that. It's just that the relatively casual approach to hanging onto credentials here for performance seems to contrast with the aggressive approach to clearing security-related fields that you proposed in #2616, and I'm not sure how to reconcile the two approaches with a single coherent "security" principle.
   
   Overall, I'm more fine than not with these changes... just not `+1` enthusiastic about it. I'm only comfortable enough to give it a `+0` from me.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@accumulo.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org