Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

server: disable security on /api/v2/ when running insecure #14892

Closed
cockroach-teamcity opened this issue Aug 19, 2022 · 0 comments
Closed

server: disable security on /api/v2/ when running insecure #14892

cockroach-teamcity opened this issue Aug 19, 2022 · 0 comments
Labels
C-product-change master

Comments

@cockroach-teamcity
Copy link
Member

cockroach-teamcity commented Aug 19, 2022
edited by exalate-issue-sync bot
Loading

Exalate commented:

Related PR: cockroachdb/cockroach#86417
Commit: cockroachdb/cockroach@109aac2

Release note (security update): HTTP API endpoints under the /api/v2/ prefix,
will allow requests through when the cluster is running in "insecure" mode.
When the cluster is running in "insecure" mode requests to these endpoints will
have the username set to "root".

Release justification: low-risk high-benefit change to existing functionality.

Jira Issue: DOC-5420
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
C-product-change master
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@cockroach-teamcity