ctubbsii commented on PR #2707: URL: https://github.com/apache/accumulo/pull/2707#issuecomment-1129467314
There's probably a bit of a difference between not yet garbage collected objects and a well-known data structure containing them in a central place for a period of time. I haven't looked into them being stored in the Session you're referring to, so I don't have an opinion about that. It's just that the relatively casual approach to hanging onto credentials here for performance seems to contrast with the aggressive approach to clearing security-related fields that you proposed in #2616, and I'm not sure how to reconcile the two approaches with a single coherent "security" principle. Overall, I'm more fine than not with these changes... just not `+1` enthusiastic about it. I'm only comfortable enough to give it a `+0` from me. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
