[ https://issues.apache.org/jira/browse/ZOOKEEPER-4570?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17565127#comment-17565127 ]

Patrick D. Hunt commented on ZOOKEEPER-4570:
--------------------------------------------

I'm concerned that a write operation, and a potentially heavyweight one at 
that, is being added to the adminserver api - which has no auth controls. 
Additionally the defaults for the endpoint are sketchy aside from this feature 
(on by default, no HTTPS, etc...): 
https://zookeeper.apache.org/doc/r3.8.0/zookeeperAdmin.html#sc_adminserver_config

Not the fault of this feature, but it's something which needs to be considered 
if we're expanding the scope from "read some stats from the server" to "run 
operations on the server".

ps - awesome to see the docs were updated as part of this patch, kudos.

That said - there isn't much detail on the semantics of the "backup" - eg, what 
"version" am I getting? How do I know which version is the backup representing? 
For example, the return value from the curl call could (imo should) include 
some indication of the zxid corresponding to the snapshot. That would allow me 
to eg correlate btw. IMO likely the snapshot directory itself should include 
this information prominently - I don't see anything detailing the naming of the 
backup dir. 

I think allowing "# the parameter: snapDir which can specify the directory to 
store the snapshot" is probably a major security hole as well. Is this limited 
to a particular subdirectory? If not then there's all kinds of bad stuff an 
attacker could do....

> Admin server API for taking snapshot and stream out the data
> ------------------------------------------------------------
>
>                 Key: ZOOKEEPER-4570
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4570
>             Project: ZooKeeper
>          Issue Type: New Feature
>          Components: server
>            Reporter: Li Wang
>            Priority: Major
>
> Providing an admin server command API for taking a snapshot and stream out 
> the data to client.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
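
The subdirectory question raised in the comment above, shown as an added example that is not part of the original message and is not ZooKeeper code: one way to confine a client-supplied snapDir to a single configured base directory. The class name, method name, base directory and sample inputs are all hypothetical and constructed for illustration.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;

/** Hypothetical helper (not ZooKeeper code): confines a client-supplied snapDir to one base. */
public final class SnapDirGuard {

    /** Returns the resolved directory, or throws if it would fall outside {@code base}. */
    static Path resolveUnderBase(Path base, String requested) throws IOException {
        if (requested == null || requested.isEmpty() || requested.indexOf('\0') >= 0) {
            throw new IllegalArgumentException("snapDir is empty or malformed");
        }
        Path realBase = base.toRealPath();  // canonical form of the base, symlinks resolved
        // An absolute 'requested' replaces the base in resolve(); the check below rejects it.
        Path candidate = realBase.resolve(requested).normalize();
        if (!candidate.startsWith(realBase)) {
            throw new SecurityException("snapDir escapes the backup base directory");
        }
        // The target may not exist yet, so canonicalise its nearest existing ancestor:
        // a symlink planted inside the base must not redirect the write elsewhere.
        Path existing = candidate;
        while (!Files.exists(existing, LinkOption.NOFOLLOW_LINKS)) {
            existing = existing.getParent();
        }
        if (!existing.toRealPath().startsWith(realBase)) {
            throw new SecurityException("snapDir resolves through a symlink outside the base");
        }
        return candidate;
    }

    public static void main(String[] args) throws IOException {
        Path base = Files.createTempDirectory("zk-backup-base");          // constructed base
        Files.createSymbolicLink(base.resolve("link"), base.getParent()); // constructed escape link
        // Constructed sample inputs: one legitimate, three that must be refused.
        for (String dir : new String[] {"nightly/snap-1", "../../etc", "/etc/cron.d", "link/x"}) {
            try {
                System.out.println("accepted " + resolveUnderBase(base, dir));
            } catch (RuntimeException e) {
                System.out.println("rejected " + dir + ": " + e.getMessage());
            }
        }
    }
}
```

The check holds only if untrusted local users cannot write under the base directory, since a symlink could otherwise be swapped in between the check and the write.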
