[jira] [Closed] (GEODE-1909) A user with no privilege can start a server

Anthony Baker (JIRA) Tue, 27 Dec 2016 14:40:08 -0800

     [ 
https://issues.apache.org/jira/browse/GEODE-1909?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Anthony Baker closed GEODE-1909.
--------------------------------

> A user with no privilege can start a server
> -------------------------------------------
>
>                 Key: GEODE-1909
>                 URL: https://issues.apache.org/jira/browse/GEODE-1909
>             Project: Geode
>          Issue Type: Bug
>            Reporter: Jinmei Liao
>            Assignee: Jinmei Liao
>              Labels: management
>             Fix For: 1.0.0-incubating
>
>         Attachments: security.json, security.properties, 
> serverSecurity.properties
>
>
> 1) Start the locator with a security-manager:
> start locator --name=loc1 --security-properties-file=security.properties 
> --classpath=/Users/jiliao/my_gemfire/security
> 2) connect to the locator using: guest/guest
> 3), try start a server as guest:
> start server --name=server1 
> --security-properties-file=serverSecurity.properties 
> --locators=localhost[10334]
> The server will be started.
> We should allow only user with CLUSTER:MANAGE permission to start a server.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Closed] (GEODE-1909) A user with no privilege can start a server

Reply via email to