[jira] [Commented] (IGNITE-13478) Security issue in JMX configuration using ignite.sh

Wed, 21 Oct 2020 00:32:39 -0700 


    [ 
https://issues.apache.org/jira/browse/IGNITE-13478?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17218154#comment-17218154
 ] 

Sergey Chugunov commented on IGNITE-13478:
------------------------------------------

[~sdanilov],

This patch fixes security issue but changes default behavior of an important 
startup script. After this change user will have to configure JMX manually.

But Release Notes don't provide an answer of how to do this and I hasn't found 
any information on this in documentation as well.

So we need to create a ticket for documentation and mention in Release Notes 
that JMX configuration has to be provided in JVM_OPTS system property to be 
applied by ignite.sh script.

> Security issue in JMX configuration using ignite.sh
> ---------------------------------------------------
>
>                 Key: IGNITE-13478
>                 URL: https://issues.apache.org/jira/browse/IGNITE-13478
>             Project: Ignite
>          Issue Type: Bug
>          Components: control.sh
>    Affects Versions: 2.8.1
>            Reporter: Semyon Danilov
>            Assignee: Semyon Danilov
>            Priority: Major
>             Fix For: 2.10
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> At the moment we have the following code:
> *functions.sh*
>  
> {code:java}
> JMX_PORT=`"$JAVA" -cp "${IGNITE_LIBS}" 
> org.apache.ignite.internal.util.portscanner.GridJmxPortFinder`
> #
> # This variable defines necessary parameters for JMX
> # monitoring and management.
> #
> # This enables remote unsecure access to JConsole or VisualVM.
> #
> # ADD YOUR ADDITIONAL PARAMETERS/OPTIONS HERE
> #
> if [ -n "$JMX_PORT" ]; then
>     JMX_MON="-Dcom.sun.management.jmxremote 
> -Dcom.sun.management.jmxremote.port=${JMX_PORT} \
>         -Dcom.sun.management.jmxremote.authenticate=false 
> -Dcom.sun.management.jmxremote.ssl=false"
> else
>     # If JMX port wasn't found do not initialize JMX.
>     echo "$0, WARN: Failed to resolve JMX host (JMX will be disabled): 
> $HOSTNAME"
>     JMX_MON=""
> fi
> {code}
> So the properties -Dcom.sun.management.jmxremote.authenticate=false 
> -Dcom.sun.management.jmxremote.ssl=false will be set always and there is no 
> way to change them.
>  
> I propose removal of JMX configuration (in scripts) altogether as it's very 
> insecure and users must configure JMX themselves
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to