[CASSANDRA-5144] Validate login for Thrift describe_keyspace, describe_keyspaces and set_keyspace methods - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Low
Resolution: Fixed
Fix Version/s: 1.2.1
Component/s: None
Labels:
None

Severity:
Low

Description

Not validating login leaks info about keyspaces and columnfamilies if the configured authenticator requires validation.

This change does not affect AllowAllAuthenticator, but if an implementation forbids anonymous access, we should deny this information to unauthenticated users.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

5144.txt
10/Jan/13 21:48
3 kB
Aleksey Yeschenko

Activity

People

Assignee:: Aleksey Yeschenko

Reporter:: Aleksey Yeschenko

Authors:: Aleksey Yeschenko

Reviewers:: Jonathan Ellis

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 10/Jan/13 21:47

Updated:: 16/Apr/19 09:32

Resolved:: 11/Jan/13 00:06