Vyom Mani Tiwari created RANGER-5690:
----------------------------------------

             Summary: UnixAuth service lacks rate limiting on authentication 
attempts
                 Key: RANGER-5690
                 URL: https://issues.apache.org/jira/browse/RANGER-5690
             Project: Ranger
          Issue Type: Bug
          Components: Ranger
    Affects Versions: 2.8.0
            Reporter: Vyom Mani Tiwari
            Assignee: Vyom Mani Tiwari
             Fix For: 3.0.0


The Unix Authentication Service does not implement rate limiting, attempt 
counting, or lockout mechanisms for authentication requests.

This allows repeated password guessing attempts from any client that can reach 
the UnixAuth listener.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to