[jira] [Updated] (HDDS-231) Deny connections from non-local routable subnets by default

Prashant Pogde (Jira) Fri, 29 Jan 2021 10:23:59 -0800


     [ 
https://issues.apache.org/jira/browse/HDDS-231?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Prashant Pogde updated HDDS-231:
--------------------------------
    Target Version/s: 1.2.0  (was: 1.1.0)

> Deny connections from non-local routable subnets by default
> -----------------------------------------------------------
>
>                 Key: HDDS-231
>                 URL: https://issues.apache.org/jira/browse/HDDS-231
>             Project: Hadoop Distributed Data Store
>          Issue Type: Improvement
>            Reporter: Arpit Agarwal
>            Priority: Major
>
> Apache Kudu limits unauthorized connections when strong security is disabled:
> bq. When disabled or strong authentication fails for 'optional', by default 
> Kudu will only allow unauthenticated connections from trusted subnets, which 
> are private networks (127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16, 
> 169.254.0.0/16) and local subnets of all local network interfaces. 
> Unauthenticated connections from publicly routable IPs will be rejected.
> See https://kudu.apache.org/docs/security.html.
> We should use a similar approach for Ozone/HDDS.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Updated] (HDDS-231) Deny connections from non-local routable subnets by default

Reply via email to