Ahmed Bashir created CASSANDRA-5401:
---------------------------------------

             Summary: Pluggable security feature to prevent node from joining a 
cluster and running destructive commands
                 Key: CASSANDRA-5401
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-5401
             Project: Cassandra
          Issue Type: Improvement
          Components: Config, Core
    Affects Versions: 1.1.10
         Environment: Production
            Reporter: Ahmed Bashir


It's possible for a node to join an existing cluster (with perhaps more 
stringent security restrictions i.e. not using AllowAllAuthentication) and 
issue destructive commands that affect the cluster at large (e.g. drop keyspace 
via cassandra-cli, etc).  

This can be circumvented with a pluggable security module that could be used to 
implement basic node vetting/identification/etc.  



--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to