> It is true default glusterfs installation is too open. A simple
> solution would be to introduce an access control, either by
> IP whitelist, or better by shared secret.
>
> The obvious problem is that it breaks updates. At least peer
> know each others and could agree on automatically creating
On Fri, Feb 10, 2017 at 08:30:40AM -0500, Ira Cooper wrote:
> But I suspect... You got it right, Gluster isn't big enough to attack today.
It is just a matter of time.
--
Emmanuel Dreyfus
m...@netbsd.org
___
Gluster-devel mailing list
Honestly:
>From what I know of Gluster, and my experience with Samba.
If they target Gluster, you are going to get pwned. HARD.
Many, many, many, many times.
Trust me... On the Samba Team, we try to avoid security issues VERY actively,
and we still get a few here and there.
You can walk up
On Thu, Feb 09, 2017 at 03:53:52PM -0500, Jeff Darcy wrote:
> https://www.theregister.co.uk/2017/02/09/hadoop_clusters_fked/
> Similar attacks have occurred against MongoDB and ElasticSearch.
> How long before they target us? How will we do?
It is true default glusterfs installation is too