[jira] [Commented] (KUDU-1875) Refuse unauthenticated connections from publicly routable IP addrs

Hao Hao (JIRA) Thu, 18 May 2017 13:17:48 -0700

    [ 
https://issues.apache.org/jira/browse/KUDU-1875?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16016398#comment-16016398
 ]


Hao Hao commented on KUDU-1875:
-------------------------------

Added corresponding documentation to security doc and release notes.

> Refuse unauthenticated connections from publicly routable IP addrs
> ------------------------------------------------------------------
>
>                 Key: KUDU-1875
>                 URL: https://issues.apache.org/jira/browse/KUDU-1875
>             Project: Kudu
>          Issue Type: Improvement
>          Components: rpc, security
>    Affects Versions: 1.2.0
>            Reporter: Dan Burkert
>            Assignee: Hao Hao
>
> Kudu should by default not accept unauthenticated connections from publicly 
> routable IPs, even if authentication and encryption are not configured.  An 
> unsafe flag should be provided to enable unauthenticated connections from 
> publicly routable IPs, with appropriately scary verbiage and a link to 
> https://krebsonsecurity.com/2017/01/extortionists-wipe-thousands-of-databases-victims-who-pay-up-get-stiffed/.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KUDU-1875) Refuse unauthenticated connections from publicly routable IP addrs

Reply via email to