dlmarion commented on PR #2707: URL: https://github.com/apache/accumulo/pull/2707#issuecomment-1129859495
> It's just that the relatively casual approach to hanging onto credentials here for performance seems to contrast with the aggressive approach to clearing security-related fields that you proposed in https://github.com/apache/accumulo/pull/2616, and I'm not sure how to reconcile the two approaches with a single coherent "security" principle. #2616 is about the encryption keys, but your point is fair. If @keith-turner's solution to the locking problem in #2700 is enough to solve the problem in the ScanServer and this is not needed, then I think we should not merge it. If this does help, I don't see it as any worse than storing the credentials in the likely longer-lived Session objects. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
