[jira] [Created] (GEODE-1909) A user with no privilege can start a server

Jinmei Liao (JIRA) Mon, 19 Sep 2016 11:14:44 -0700

Jinmei Liao created GEODE-1909:
----------------------------------

             Summary: A user with no privilege can start a server
                 Key: GEODE-1909
                 URL: https://issues.apache.org/jira/browse/GEODE-1909
             Project: Geode
          Issue Type: Bug
            Reporter: Jinmei Liao



1) Start the locator with a security-manager:
start locator --name=loc1 --security-properties-file=security.properties 
--classpath=/Users/jiliao/my_gemfire/security

2) connect to the locator using: guest/guest

3), try start a server as guest:
start server --name=server1 
--security-properties-file=serverSecurity.properties --locators=localhost[10334]

The server will be started.

We should allow only user with DATA:MANAGE permission to start a server.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (GEODE-1909) A user with no privilege can start a server

Reply via email to