Jack, I updated my document with all the security gaps I was able to discover (see the second table, below the first one). I also moved the document to Google Docs from Word doc, shared on Google Drive, following Matt's suggestion.
Please, see the updated link:
https://docs.google.com/document/d/13-yu-1a0MMkBiJFPNkYoTd1Hzed9tgKltWi6hFLZbsk/edit?usp=sharing

Thanks,

Oleg

On Thu, Feb 11, 2016 at 3:52 PM, oleg yusim <olegyu...@gmail.com> wrote:

> Jack,
>
> This document doesn't cover all the areas where user will need to get
> engaged in explicit mitigation, it only covers those, I wasn't sure about.
> But - you are making a good point here. Let me update the document with the
> rest of the gaps, so community would have a complete list here.
>
> Thanks,
>
> Oleg
>
> On Thu, Feb 11, 2016 at 3:38 PM, Jack Krupansky <jack.krupan...@gmail.com>
> wrote:
>
>> Thanks! A useful contribution, no matter what the outcome. I trust your
>> ability to read of the doc, so I don't expect a lot of change to the
>> responses, but we'll see. At a minimum, it will probably be good to have
>> doc to highlight areas where users will need to engage in explicit
>> mitigation efforts if their infrastructure does not implicitly effect
>> mitigation for various security exposures.
>>
>> -- Jack Krupansky
>>
>> On Thu, Feb 11, 2016 at 3:21 PM, oleg yusim <olegyu...@gmail.com> wrote:
>>
>>> Robert, Jack, Bryan,
>>>
>>> As you suggested, I put together document, titled
>>> Cassandra_Security_Topics_to_Discuss, put it on Google Drive and shared it
>>> with everybody on this list. The document contains list of questions I have
>>> on Cassandra, my take on it, and has a place for notes Community would like
>>> to make on it.
>>>
>>> Please, review. Any help would be appreciated greatly.
>>>
>>> https://drive.google.com/open?id=0B2L9nW4Cyj41YWd1UkI4ZXVPYmM
>>>
>>> Oleg
>>>
>>> On Fri, Jan 29, 2016 at 6:30 PM, Bryan Cheng <br...@blockcypher.com>
>>> wrote:
>>>
>>>> To throw my (unsolicited) 2 cents into the ring, Oleg, you work for a
>>>> well-funded and fairly large company. You are certainly free to continue
>>>> using the list and asking for community support (I am definitely not in any
>>>> position to tell you otherwise, anyway), but that community support is by
>>>> definition ad-hoc and best effort. Furthermore, your questions range from
>>>> trivial to, as Jonathan has mentioned earlier, concepts that many of us have
>>>> no reason to consider at this time (perhaps your work will convince us
>>>> otherwise- but you'll need to finish it first ;) )
>>>>
>>>> What I'm getting at here is that perhaps, if you need faster, deeper
>>>> level, and more elaborate support than this list can provide, you should
>>>> look into the services of a paid Cassandra support company like Datastax.
>>>>
>>>> On Fri, Jan 29, 2016 at 3:34 PM, Robert Coli <rc...@eventbrite.com>
>>>> wrote:
>>>>
>>>>> On Fri, Jan 29, 2016 at 3:12 PM, Jack Krupansky <
>>>>> jack.krupan...@gmail.com> wrote:
>>>>>
>>>>>> One last time, I'll simply renew my objection to the way you are
>>>>>> abusing this list.
>>>>>>
>>>>>
>>>>> FWIW, while I appreciate that OP (Oleg) is attempting to do a service
>>>>> for the community, I agree that the flood of single topic, context-lacking
>>>>> posts regarding deep internals of Cassandra is likely to inspire the
>>>>> opposite of a helpful response.
>>>>>
>>>>> This is important work, however, so hopefully we can collectively find
>>>>> a way through the meta and can discuss this topic without acrimony! :D
>>>>>
>>>>> =Rob