[
https://issues.apache.org/jira/browse/THRIFT-183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12643002#action_12643002
]
Mark Slee commented on THRIFT-183:
----------------------------------
I don't think this patch really belongs in the codebase. This is only a
client-side script that you're protecting. This isn't affecting who actually
has any privileges to make this type of call into the server. There's no real
reason why root should be required to run fb303 management scripts. You may
have your network set up this way, but it's completely reasonable for people to
run Thrift services in non-root environments and want to administer them as
such.
So, this is a nice gatekeeper to block mistakes in some configurations, but an
unnecessary limitation for non-root environments..
> let non-root issues run fb303 status commands
> ---------------------------------------------
>
> Key: THRIFT-183
> URL: https://issues.apache.org/jira/browse/THRIFT-183
> Project: Thrift
> Issue Type: Improvement
> Affects Versions: 0.1
> Environment: all
> Reporter: Ian Holsman
> Priority: Minor
> Fix For: 0.1
>
> Attachments: fb303.patch
>
>
> this patch allows non-root users to issue the following commands:
> counters
> name
> version
> alive
> status
> leaving 'stop' and 'reload' as root operations.
> It also provides a basic help/usage
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
