wuchong commented on PR #3299: URL: https://github.com/apache/fluss/pull/3299#issuecomment-4479457450
In addition, these RPCs are intended to be internal (used for intra-cluster communication) rather than public. The newly added validation allows clients with cluster() permissions to access them, which introduces potential security risks to the cluster. A better approach would be to restrict these RPCs to internal sessions only, returning an error for any non-internal sessions. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
