[
https://issues.apache.org/jira/browse/CASSANDRA-9085?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15025694#comment-15025694
]
Brian Hawkins commented on CASSANDRA-9085:
------------------------------------------
C* no longer uses phantom references as of what version? I'm on 2.0.14.
What is wrong with local JMX in production? The idea was an open jmx port is a
security problem so a local jmx seems like a good solution.
> Bind JMX to localhost unless explicitly configured otherwise
> ------------------------------------------------------------
>
> Key: CASSANDRA-9085
> URL: https://issues.apache.org/jira/browse/CASSANDRA-9085
> Project: Cassandra
> Issue Type: Bug
> Components: Configuration, Observability
> Reporter: T Jake Luciani
> Assignee: T Jake Luciani
> Priority: Critical
> Fix For: 2.0.14, 2.1.4
>
>
> Cassandra's default JMX config can lead to someone executing arbitrary code:
> see http://www.mail-archive.com/[email protected]/msg41819.html
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
