If we think that having this strategy can be misused, we can always have a check to allow this only on Auth keyspace.
On Wed, Nov 30, 2016 at 4:19 PM, Brandon Williams <dri...@gmail.com> wrote: > Relevant: https://issues.apache.org/jira/browse/CASSANDRA-12912 > > On Wed, Nov 30, 2016 at 12:32 PM, Jeff Jirsa <jji...@apache.org> wrote: > > > > > > > On 2016-11-30 10:02 (-0800), Ben Bromhead <b...@instaclustr.com> wrote: > > > Also apparently the Everywhere Strategy is a bad idea (tm) according to > > > comments in https://issues.apache.org/jira/browse/CASSANDRA-12629 but > no > > > reason has been given why... > > > > > > > It's touched on in that thread, but it's REALLY EASY to misuse, and most > > people who want it are probably going to shoot themselves in the foot > with > > it. > > > > The one example Jeremiah gave is admin logins with system_auth - requires > > QUORUM, quorum on a large cluster is almost impossible to satisfy like > that > > (imagine a single digest mismatch triggering a blocking read repair on a > > hundred nodes, and what that does to the various thread pools). > > > > > > > > >
