adutra commented on PR #15500: URL: https://github.com/apache/iceberg/pull/15500#issuecomment-4198197180
> one such flag jdk.tls.trustNameService This property lives in `SSLSocketImpl.useImplicitHost()` and only triggers when an `SSLSocket` is connected without an explicit hostname. I believe Apache HC5 always provide the target hostname explicitly from the URL when setting up connections (see `AbstractClientTlsStrategy.upgrade()`). So the incriminated code path is never reached in practice. > The attack requires controlling both the JVM launch flags AND a DNS server - at that point one have bigger problems Exactly. If an attacker can set JVM launch flags, they can already disable TLS entirely, swap trust stores, etc. The game is already over. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
