Set default channel permission to resetchannels for 7.0#10181
Conversation
|
@hpatro isn't that a serious breaking change? maybe we can find the middle ground for different default in selectors vs the root selector? |
@oranagra I agree this is a breaking change. I believe it's good to talk about it before the major release and come to a decision. 7.0 provides this opportunity to make this breaking change to increase the security posture of all newly created users. For customers updating from 6.0 to 7.0 using acl file shouldn't have any problem as the state of channel permission would already be persisted in the file. |
|
I wanted to avoid different permissions on selectors vs root permissions, since I think that will just add more room for confusion. I think what a lot of people want to do is just write some permissions for a root user, and then wrap in parentheses and have it work the same way. Since this is for security, and we're already introducing a bunch of backwards breaking changes to make it more secure by default (module/debug/config flags). I would be in favor of this change and make a stand that this is the version we care about security. We can also advise users to explicitly add this to their config file to retain the current behavior. |
|
I agree with the reasoning to make it more secure and having consistent use of selectors. |
|
@yossigo @soloestoy Any thoughts ? |
|
I agree it's better to make it more secure. But I feel uncomfortable about the breaking change, especially we did a lot of compatibility work to avoid breaking change in multi-part AOF feature. |
|
Note: We can advise user(s) in the release notes to use |
|
I'm also in favor of changing the default, despite being a breaking change. My arguments are:
@soloestoy To me, this is different because:
|
|
I was initially against it, but after thinking about the argument Yossi presented, i changed my mind. the bottom line here, is that like the blocking of so either we leave it like it was forever, or we introduce a breaking when some day. |
|
seems like we have a quorum, and out of time for 7.0 RC1. |
For backwards compatibility in 6.x, channels default permission was set to
allchannelshowever with 7.0, we should modify it and the default value should beresetchannelsfor better security posture. Also, with selectors in ACL, a client doesn't have to set channel rules everytime and by default the value will beresetchannels.This is a breaking change, users that are badly affected by it, can easily revert the config back to the old default.
Before this change
After this change