milleruntime commented on PR #2777: URL: https://github.com/apache/accumulo/pull/2777#issuecomment-1155479506
> I believe that this is part of the [public API](https://accumulo.apache.org/api/). Yeah, its definitely in the public API. I am not sure what the use case would be for using the Java serialization of the Auths though. > I'm not sure if this violates our policy, but I think it might. The question would be, if keeping the class serializable exposes a possible security flaw... is it worth breaking any serialization that a user may be using? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
