Description
SUBJ. I just realized that the way babysitter passes the cookie to itself to ns_server is visible in ps output to unprivileged users. That's clearly insecure, as it allows full access to Erlang guts to anybody with access to the box running Couchbase Server.
Attachments
For Gerrit Dashboard: MB-8047

| # | Subject | Branch | Project | Status | CR | V |
|---|---|---|---|---|---|---|
| 25577,2 | MB-8047: pass babysitter cookie to ns_server securely | master | ns_server | MERGED | +2 | +1 |
| 26278,1 | Merge branch 'master' into 2.0.2 | 2.0.2 | ns_server | MERGED | +2 | +1 |
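
The exposure described in this ticket, as an added example (not code from ns_server or from the Gerrit change): a secret passed as a command-line argument is readable from `/proc/<pid>/cmdline`, the same data `ps` prints, while a secret written to the child's stdin is not. It assumes Linux with a default `/proc` mount; the cookie value and helper names are constructed, and stdin is one possible safe channel, not necessarily the one the fix uses.

```python
import subprocess
import sys

SECRET = "constructed-cookie-123"  # constructed sample value, not a real cookie

# Child program: waits for one line on stdin, then idles so it can be inspected.
CHILD = "import sys, time; sys.stdin.readline(); time.sleep(30)"


def visible_args(pid):
    """Return the argv of `pid` as exposed by /proc (the source of ps output)."""
    with open(f"/proc/{pid}/cmdline", "rb") as f:
        return [a.decode(errors="replace") for a in f.read().split(b"\0") if a]


def leaks(secret, via):
    """Start a child that receives `secret` via 'argv' or 'stdin' and report
    whether the secret appears in the child's command line."""
    argv = [sys.executable, "-c", CHILD]
    if via == "argv":
        argv.append(secret)          # insecure: the secret becomes part of argv
    child = subprocess.Popen(argv, stdin=subprocess.PIPE)
    try:
        if via == "stdin":
            # The secret travels over a private pipe and never enters argv.
            child.stdin.write((secret + "\n").encode())
            child.stdin.flush()
        return any(secret in arg for arg in visible_args(child.pid))
    finally:
        child.kill()
        child.stdin.close()
        child.wait()


if __name__ == "__main__":
    for channel in ("argv", "stdin"):
        print(f"secret passed via {channel}: visible in cmdline = {leaks(SECRET, channel)}")
```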