poorbarcode commented on PR #23589:
URL: https://github.com/apache/pulsar/pull/23589#issuecomment-2470036132

   > The only possible concern in a multi-tenant system is that a malicious
   > user could circumvent rate limits by using a topic name that gets
   > considered as a system topic. I guess this is a matter of the definition
   > of the security model in the multi-tenancy support that rate limits cannot
   > be used to protect against malicious users. We don't currently document
   > the security model so it's hard to resolve this as part of this PR. I
   > guess we could create a separate issue for documenting the security model
   > for multi-tenancy.
   
   Seems we never focused on the isolation for multi-tenants before; that
   should be a huge PIP, which contains Transaction (all namespaces use the
   same Transaction metadata store) and other components. 😂

   Thanks for mentioning this, let me merge the PR first.

