Ah, I see. Makes sense.

On Sep 6, 2017 12:23 PM, "Bruce Schuchardt" <bschucha...@pivotal.io> wrote:

I think we will want to remove this property in the next major release and have the behavior it enables be how the servers always act.

On 9/6/17 10:23 AM, Brian Baynes wrote:

In this case, won't we be changing the default of this property with the next major release? So perhaps the choice is to follow the default=false convention now, or with the next major release..?

On Wed, Sep 6, 2017 at 8:47 AM, Bruce Schuchardt <bschucha...@pivotal.io> wrote:

> > On Sept. 5, 2017, 5:09 p.m., Galen O'Sullivan wrote:
> > > I prefer config option names to be as unambiguous as possible. I think `allow` would be clearer than `disallow` because it avoids double-negatives. Can we use
> > > `allow-internal-messages-without-credentials` and have it default to `true`?
> >
> > In general Java properties ought to default to _false_ if they aren't set. We've had other properties default to _true_ in the past and they were awkward.
>
> - Bruce
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62088/#review184608
> -----------------------------------------------------------
>
> On Sept. 5, 2017, 10:57 a.m., Bruce Schuchardt wrote:
> >
> > -----------------------------------------------------------
> > This is an automatically generated e-mail. To reply, visit:
> > https://reviews.apache.org/r/62088/
> > -----------------------------------------------------------
> >
> > (Updated Sept. 5, 2017, 10:57 a.m.)
> >
> > Review request for geode, Alexander Murmann, Galen O'Sullivan, Hitesh Khamesra, and Udo Kohlmeyer.
> >
> > Bugs: GEODE-3249
> >     https://issues.apache.org/jira/browse/GEODE-3249
> >
> > Repository: geode
> >
> > Description
> > -------
> >
> > This change leaves the security hole in place but allows you to plug it by setting the system property
> >
> > geode.disallow-internal-messages-without-credentials=true
> >
> > Clients must be upgraded to the release containing this change if you set this system property to true and client/server authentication is enabled. Otherwise client messages to register PDX types or Instantiators will be rejected by the servers.
> >
> > Diffs
> > -----
> >
> > geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerConnection.java b243d8ebb8f7fb698a4637c7a787ee2d7216f1f7
> >
> > Diff: https://reviews.apache.org/r/62088/diff/1/
> >
> > Testing
> > -------
> >
> > Thanks,
> >
> > Bruce Schuchardt