Dan Burkert created KUDU-1875:
---------------------------------
Summary: Refuse unauthenticated connections from publicly routable
IP addrs
Key: KUDU-1875
URL: https://issues.apache.org/jira/browse/KUDU-1875
Project: Kudu
Issue Type: Improvement
Components: rpc, security
Affects Versions: 1.2.0
Reporter: Dan Burkert
Kudu should by default not accept unauthenticated connections from publicly
routable IPs, even if authentication and encryption are not configured. An
unsafe flag should be provided to enable unauthenticated connections from
publicly routable IPs, with appropriately scary verbiage and a link to
https://krebsonsecurity.com/2017/01/extortionists-wipe-thousands-of-databases-victims-who-pay-up-get-stiffed/.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
