Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-13772

Replication endpoints should restrict access to a limited set of principals

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Won't Fix
    • None
    • None
    • None
    • None

    Description

      Replication endpoints will accept RPC connections from any Kerberos principal that is trusted by the endpoint's local KDC. This is far too open and may allow for the establishment of rogue endpoints (in conjunction with HBASE-13771).

      Attachments

        Issue Links

          is blocked by

          Improvement - An improvement or enhancement to an existing feature or task. HBASE-13771 Replication clients should not access zookeeper directly

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            People

              Unassigned Unassigned
              apurtell Andrew Kyle Purtell
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: