Ethanlm commented on a change in pull request #3367:
URL: https://github.com/apache/storm/pull/3367#discussion_r547517421
##########
File path: storm-client/src/jvm/org/apache/storm/daemon/worker/Worker.java
##########
@@ -121,6 +121,10 @@ public Worker(Map<String, Object> conf, IContext context,
String topologyId, Str
this.topologyConf =
ConfigUtils.overrideLoginConfigWithSystemProperty(ConfigUtils.readSupervisorStormConf(conf,
topologyId));
+ // see STORM-3728.
Review comment:
It is a little more than that.
Currently no matter what value `pacemaker.auth.method` is, write to
pacemaker is always allowed. see
https://github.com/apache/storm/blob/master/docs/Pacemaker.md#security.
Workers only write to pacemaker, so it can be just "NONE".
So I figured to use a JIRA ID to explain it.
In the future, we want to
1) fix worker authentication with pacemaker
2) secure write access on pacemaker
I will see what comments I can add
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
