bneradt opened a new pull request, #9415: URL: https://github.com/apache/trafficserver/pull/9415
Making restricted_api false by default will cause ATS to enforce socket permissions rather than relying upon the DAC of the socket. With this change, ATS will restrict access to privileged users for write operations while allowing broader access for read-only options. Thus `traffic_ctl config get` will be generally accessible since it is a read-only operation, while `traffic_ctl config set` will require privilege since it modifies the configuration. This default should be reasonable since that is how 9.0 used to behave. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
