[
https://issues.apache.org/jira/browse/HDDS-231?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Chung En Lee updated HDDS-231:
------------------------------
Target Version/s: 2.2.0 (was: 1.2.0)
2.2.0 (was: 2.1.0)
<<Bulk update>>
Apache Ozone 2.1.0 release is in progress. I'm updating all unresolved jiras
targeting 2.1.0 to retarget 2.2.0.
> Deny connections from non-local routable subnets by default
> -----------------------------------------------------------
>
> Key: HDDS-231
> URL: https://issues.apache.org/jira/browse/HDDS-231
> Project: Apache Ozone
> Issue Type: Improvement
> Reporter: Arpit Agarwal
> Priority: Major
>
> Apache Kudu limits unauthorized connections when strong security is disabled:
> bq. When disabled or strong authentication fails for 'optional', by default
> Kudu will only allow unauthenticated connections from trusted subnets, which
> are private networks (127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,
> 169.254.0.0/16) and local subnets of all local network interfaces.
> Unauthenticated connections from publicly routable IPs will be rejected.
> See https://kudu.apache.org/docs/security.html.
> We should use a similar approach for Ozone/HDDS.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
