nichtich commented on issue #1796: URL: https://github.com/apache/jena/issues/1796#issuecomment-1475730809
If you start a Fuseki default instance, the moment you create a dataset, anybody can manipulate its contents and fill your whole disk space with write operations. This is a security issue. A script to scan for IPs with open port :3030, query `/$/status` and then copy and delete all database contents is three lines of shell scripting. How about changing the default ACL so new datasets are only writeable from localhost unless you actively modify the settings? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
