You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@rocketmq.apache.org by "tongtaodragon (via GitHub)" <gi...@apache.org> on 2023/02/03 03:19:49 UTC
[GitHub] [rocketmq] tongtaodragon opened a new issue, #5970: Anyone from any hosts who can access rocketmq server can get all ACL configurations
tongtaodragon opened a new issue, #5970:
URL: https://github.com/apache/rocketmq/issues/5970
1. Please describe the issue you observed:
- What did you do (The steps to reproduce)?
One host which started namesrv and broker
Enable ACL
globalWhiteRemoteAddresses only configured this host IP address
People run mqadmin from other server using his AK/SK which is not admin
mqadmin getAclConfig
- What is expected to see?
Only admin with correct AK/SK can get ACL configurations
- What did you see instead?
non-admin account run mqadmin from other host get all ACL configurations
2. Please tell us about your environment:
One server which start namesrv and broker, the rocketmq version is 4.9.4
aclEnable=true
3. Other information (e.g. detailed explanation, logs, related issues, suggestions on how to fix, etc):
ACL information is admin related information which should only allow admin query/update.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@rocketmq.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [I] Anyone from any hosts who can access rocketmq server can get all ACL configurations [rocketmq]
Posted by "github-actions[bot] (via GitHub)" <gi...@apache.org>.
github-actions[bot] closed issue #5970: Anyone from any hosts who can access rocketmq server can get all ACL configurations
URL: https://github.com/apache/rocketmq/issues/5970
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@rocketmq.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [I] Anyone from any hosts who can access rocketmq server can get all ACL configurations [rocketmq]
Posted by "github-actions[bot] (via GitHub)" <gi...@apache.org>.
github-actions[bot] commented on issue #5970:
URL: https://github.com/apache/rocketmq/issues/5970#issuecomment-1930989648
This issue is stale because it has been open for 365 days with no activity. It will be closed in 3 days if no further activity occurs.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@rocketmq.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [I] Anyone from any hosts who can access rocketmq server can get all ACL configurations [rocketmq]
Posted by "github-actions[bot] (via GitHub)" <gi...@apache.org>.
github-actions[bot] commented on issue #5970:
URL: https://github.com/apache/rocketmq/issues/5970#issuecomment-1936758020
This issue was closed because it has been inactive for 3 days since being marked as stale.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@rocketmq.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org