You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am doing a research aiming at finding issues in configuration files. After pulling your image we notice that hbase.regionserver.thrift.framed is set to False in the configuration file.
However, the HBase official document and Cloudera troubleshooting page recommends to set hbase.regionserver.thrift.framed and hbase.regionserver.thrift.compact to True for security:
This is the recommended transport for thrift servers and requires a similar setting on the client side. Changing this to false will select the default transport, vulnerable to DoS when malformed requests are issued due to THRIFT-601.
To prevent the possibility of crashes due to buffer overruns, use the framed and compact transport protocols by setting hbase.regionserver.thrift.framed and hbase.regionserver.thrift.compact to true in hbase-site.xml.
Maybe it's better to enable these two parameters? Thank you!
The text was updated successfully, but these errors were encountered:
Thanks for providing the container!
I am doing a research aiming at finding issues in configuration files. After pulling your image we notice that
hbase.regionserver.thrift.framedis set toFalsein the configuration file.However, the HBase official document and Cloudera troubleshooting page recommends to set
hbase.regionserver.thrift.framedandhbase.regionserver.thrift.compacttoTruefor security:This is the recommended transport for thrift servers and requires a similar setting on the client side. Changing this to false will select the default transport, vulnerable to DoS when malformed requests are issued due to THRIFT-601.
To prevent the possibility of crashes due to buffer overruns, use the framed and compact transport protocols by setting hbase.regionserver.thrift.framed and hbase.regionserver.thrift.compact to true in hbase-site.xml.
Maybe it's better to enable these two parameters? Thank you!
The text was updated successfully, but these errors were encountered: