Jinmei Liao created GEODE-1909:

             Summary: A user with no privilege can start a server
                 Key: GEODE-1909
                 URL: https://issues.apache.org/jira/browse/GEODE-1909
             Project: Geode
          Issue Type: Bug
            Reporter: Jinmei Liao

1) Start the locator with a security-manager:
start locator --name=loc1 --security-properties-file=security.properties 

2) connect to the locator using: guest/guest

3), try start a server as guest:
start server --name=server1 
--security-properties-file=serverSecurity.properties --locators=localhost[10334]

The server will be started.

We should allow only user with DATA:MANAGE permission to start a server.

This message was sent by Atlassian JIRA

Reply via email to