[jira] [Issue Comment Edited] (CASSANDRA-2274) Restrict Cassandra cluster node joins to a list of named hosts

Mon, 07 Nov 2011 15:57:17 -0800 

    [ 
https://issues.apache.org/jira/browse/CASSANDRA-2274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13145909#comment-13145909
 ] 

David Allsopp edited comment on CASSANDRA-2274 at 11/7/11 11:55 PM:
--------------------------------------------------------------------

D'oh, I hadn't realized encryption was implemented now! Spent too much time on 
old versions...

Verifying IP addresses might still be useful as per the sub-issue, but it's a 
minor point if proper encryption is in place. 
                
      was (Author: dallsopp):
    D'oh, I hadn't realized encryption was implemented now! Spent too much time 
on old versions...

@Richard -  Dropping a keyspace is a Thrift operation, and I think you can 
already define different levels of access for 'normal' read/write access versus 
'dangerous' schema operations. 

The crux of the above issue, however, is that inter-node messaging is separate 
from the Thrift communications - so even with Thrift authentication enabled, a 
node can join the cluster and read data. Presumably the inter-node encryption 
fixes this.

Verifying IP addresses might still be useful as per the sub-issue, but it's a 
minor point if proper encryption is in place. 
                  
> Restrict Cassandra cluster node joins to a list of named hosts
> --------------------------------------------------------------
>
>                 Key: CASSANDRA-2274
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-2274
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Core
>    Affects Versions: 0.7.2
>         Environment: All
>            Reporter: Andrew Schiefelbein
>
> Because firewalls and employees are not infallible it would be nice to 
> restrict the ability of any node to join a cluster to a list of named hosts 
> in the configuration so that someone would be unable to start a node and 
> replicate all the data locally.  I understand that in order to do this the 
> person must know the seed servers and the cluster name and to extract the 
> data they will need a userid and password but another level of security would 
> be to force them to execute any brute force attack from a locked down server 
> instead of replicating all the data locally.  

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to