[jira] [Updated] (AIRFLOW-6027) Disable API access by default

Kamil Bregula (Jira) Mon, 09 Dec 2019 05:54:12 -0800


     [ 
https://issues.apache.org/jira/browse/AIRFLOW-6027?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Kamil Bregula updated AIRFLOW-6027:
-----------------------------------
    Description: Default configuration should be secure, so open unsecured API 
is a big problem.  A lot of Airflow instances may not change the default 
configuration and therefore be vulnerable to third party attacks.

> Disable API access by default
> -----------------------------
>
>                 Key: AIRFLOW-6027
>                 URL: https://issues.apache.org/jira/browse/AIRFLOW-6027
>             Project: Apache Airflow
>          Issue Type: Bug
>          Components: api, security
>    Affects Versions: 1.10.6
>            Reporter: Kamil Bregula
>            Priority: Major
>
> Default configuration should be secure, so open unsecured API is a big 
> problem.  A lot of Airflow instances may not change the default configuration 
> and therefore be vulnerable to third party attacks.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (AIRFLOW-6027) Disable API access by default

Reply via email to