Justin, I would like to request an inclusion of QPID-6410( [Java Broker] Disambiguate the connection adapter name by adding a connection ID to the name) : https://svn.apache.org/r1661929
We ran into the issue this morning. If not fixed, there is a risk of a dead-lock on broker side caused by the defect. The change itself is small (the the majority of the fix is comprised of changes to the tests ). The changes are reviewed by Keith Kind Regards, Alex On 24 February 2015 at 12:55, Justin Ross <[email protected]> wrote: > Thanks, Keith. It's now approved for 0.32. > > On Tue, Feb 24, 2015 at 7:50 AM, Keith W <[email protected]> wrote: > > > Hi Justin > > > > > > > > On 24 February 2015 at 12:31, Justin Ross <[email protected]> wrote: > > > >> The latter three are approved. > >> > >> On the first, QPID-6247. You say "only affects a part of Broker > >> functionality responsible for writing updates to configuration files". > >> This is the primary way users will store their configuration, true? If > >> so, > >> that's not isolated. > >> > >> It's also not small. Which leaves us with importance. Does this > deserve > >> an exception because it's a particularly severe defect? It looks (to > the > >> uninformed, me) like a normal priority defect. Is it a regression? > >> > >> > > It is true that QPID-6247 is a long standard defect, however, with > > changes we have already made in 0.32 the severity is increased. 0.32 > > brings with it the ability to upload private keys through the UI. By > > default, these keys are stored - inlined - within the Broker's > > configuration files and are written to disk. If we don't include > QPID-6247 > > the Broker won't preserve the file permissions on the configuration files > > through the update, and it could therefore become inadvertently readable > by > > others. This would represent a security issue. Apologies, we should > have > > identified the interdependency between this existing defect and the new > > feature earlier in the cycle. > > > > Kind regards, Keith > > > > > > > >> > >> >
