Michael Smith has posted comments on this change. ( http://gerrit.cloudera.org:8080/18665 )
Change subject: IMPALA-11359: add no-check-certificate to wget in bootstrap_toolchain.py ...................................................................... Patch Set 1: Code-Review-1 (1 comment) http://gerrit.cloudera.org:8080/#/c/18665/1/bin/bootstrap_toolchain.py File bin/bootstrap_toolchain.py: http://gerrit.cloudera.org:8080/#/c/18665/1/bin/bootstrap_toolchain.py@133 PS1, Line 133: cmd = ["wget", "--no-check-certificate", download_path, This seems like a bad idea. What scenario did you run into where it seemed necessary? This opens downloads up to (unlikely) MitM supply chain attacks. -- To view, visit http://gerrit.cloudera.org:8080/18665 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: Impala-ASF Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: If8d74bf85b3462c84660c83f2832d4270eb38d31 Gerrit-Change-Number: 18665 Gerrit-PatchSet: 1 Gerrit-Owner: Quanlong Huang <[email protected]> Gerrit-Reviewer: Impala Public Jenkins <[email protected]> Gerrit-Reviewer: Michael Smith <[email protected]> Gerrit-Comment-Date: Fri, 24 Jun 2022 16:02:49 +0000 Gerrit-HasComments: Yes
