[CASSANDRA-5401] Pluggable security feature to prevent node from joining a cluster and running destructive commands - ASF JIRA

Agile Board

Attach files

Attach Screenshot

Bulk Copy Attachments

Bulk Move Attachments

Voters

Watch issue

Watchers

Create sub-task

Convert to sub-task

Move

Link

Clone

Labels

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Low
Resolution: Fixed
Fix Version/s: 1.1.11, 1.2.4
Component/s: Local/Config
Labels:
- configuration
- security
Environment:

Production

Description

It's possible for a node to join an existing cluster (with perhaps more stringent security restrictions i.e. not using AllowAllAuthentication) and issue destructive commands that affect the cluster at large (e.g. drop keyspace via cassandra-cli, etc).

This can be circumvented with a pluggable security module that could be used to implement basic node vetting/identification/etc.

Attachments

5401.txt
05/Apr/13 00:14
7 kB
Aleksey Yeschenko

Issue Links

Add Link

is duplicated by

CASSANDRA-5399 Offer pluggable security for inter-node communication

Resolved

Delete this link

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: Aleksey Yeschenko Assign to me

Reporter:: Ahmed Bashir

Authors:: Aleksey Yeschenko

Reviewers:: Brandon Williams

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 29/Mar/13 01:06

Updated:: 16/Apr/19 09:32

Resolved:: 05/Apr/13 16:42

Agile

View on Board

Pluggable security feature to prevent node from joining a cluster and running destructive commands

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates

Agile

Slack

Issue deployment