Robert Joseph Evans created STORM-3227:
------------------------------------------
Summary: Improve security of credentials push
Key: STORM-3227
URL: https://issues.apache.org/jira/browse/STORM-3227
Project: Apache Storm
Issue Type: Improvement
Components: storm-client, storm-server
Reporter: Robert Joseph Evans
Assignee: Robert Joseph Evans

When pushing credentials to a topology, most of the checks we do right now are
to verify that the topology is allowing a given user to do the push, but we
also need to protect the user from pushing to the wrong topology.

This is really only an issue if a user has the push set up on some kind of a
cron-like job, and the topology is down (which should be rare), but to
eliminate any race conditions we should have nimbus either verify that the
topology is owned by the same user as the one doing the push, or have an
optional user that the client expects the topology to be owned by.
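
The race described in the issue, and the two proposed owner checks, as an added Python model that is not Storm code and not part of the original issue. ModelNimbus, Topology, PushRejected, scheduled_push, the user names and the topology name are all hypothetical.

```python
from dataclasses import dataclass, field

class PushRejected(Exception):
    """Raised when the model Nimbus refuses a credentials push."""

@dataclass
class Topology:
    owner: str                  # user who submitted the topology
    allowed_pushers: set        # users the topology lets push credentials
    credentials: dict = field(default_factory=dict)

class ModelNimbus:
    """Toy stand-in for Nimbus: maps a topology name to the running topology."""
    def __init__(self, enforce_owner):
        self.enforce_owner = enforce_owner
        self.running = {}

    def push_credentials(self, name, user, creds, expected_owner=None):
        topo = self.running.get(name)
        if topo is None:
            raise PushRejected(f"topology {name!r} is not running")
        # Existing style of check: does the topology allow this user to push?
        if user != topo.owner and user not in topo.allowed_pushers:
            raise PushRejected(f"{user} may not push to {name!r}")
        # Proposed check: is the topology owned by the pusher, or by the
        # owner the client says it expects?
        if self.enforce_owner:
            wanted = expected_owner if expected_owner is not None else user
            if topo.owner != wanted:
                raise PushRejected(f"{name!r} is owned by {topo.owner}, expected {wanted}")
        topo.credentials.update(creds)

def scheduled_push(nimbus, expected_owner=None):
    """Constructed scenario: alice's scheduled job pushes to the name
    'wordcount' while her topology is down and bob runs one with that name."""
    nimbus.running["wordcount"] = Topology(owner="bob", allowed_pushers={"alice"})
    try:
        nimbus.push_credentials("wordcount", "alice",
                                {"token": "constructed-sample"}, expected_owner)
        return "delivered to " + nimbus.running["wordcount"].owner
    except PushRejected as exc:
        return "rejected: " + str(exc)

if __name__ == "__main__":
    print(scheduled_push(ModelNimbus(enforce_owner=False)))
    print(scheduled_push(ModelNimbus(enforce_owner=True)))
```

Passing expected_owner models the optional "user that the client expects" variant, which still permits a deliberate push to a topology owned by someone else.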