Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Blocker
Fix Version/s: 2.1.0
Affects Version/s: 2.1.0
Component/s: ns_server
Security Level: Public
Labels:
None

Description

SUBJ. I just realized that the way babysitter passes cookie to itself to ns_server is visible in ps output to unprivileged users. That's clearly insecure as it allows full access to erlang guts to anybody with access to box running couchbase server.

Attachments

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Aleksey Kondratenko (Inactive)

Reporter:: Aleksey Kondratenko (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 09/Apr/13 1:41 PM

Updated:: 18/Apr/13 3:38 PM

Resolved:: 09/Apr/13 2:15 PM

Gerrit Reviews

There are no open Gerrit changes

Show There are 2 closed Gerrit changes

Hide There are 2 closed Gerrit changes

MB-8047: pass babysitter cookie to ns_server securely: Gerrit Review:

Merge branch 'master' into 2.0.2: Gerrit Review:

babysitter cookie is passed to child ns_server in the open

Details

Description

Attachments

Gerrit Reviews

Activity

People

Dates

Gerrit Reviews

PagerDuty