That's a great idea. The link talks about one specific vulnerability (password being logged in a cleartext :( ), but I'm interested in securing ZooKeeper in general. I've seen projects staying away from ZooKeeper because it doesn't support SSL, for example.
On Tue, Apr 22, 2014 at 9:32 AM, Flavio Junqueira <[email protected]> wrote: > Some of you may have noticed that there is a CVE entry for ZK: > > http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0085 > > I've never perceived ZK as a project particularly strong on the security > side, but I was wondering how folks in the list feel about creating a jira > and working something out. > > -Flavio
