fluencelabs/redis
1
0
Fork 0
mirror of https://github.com/fluencelabs/redis synced 2025-03-17 08:00:49 +00:00
Code Issues Projects Releases Wiki Activity

ACL: tag LASTSAVE as dangerous.

Browse Source 
That's not REALLY needed, but... right now with LASTSAVE being the only
command tagged as "admin" but not "dangerous" what happens is that after
rewrites the rewrite engine will produce from the rules:

    user default on +@all ~* -@dangerous nopass

The rewrite:

    user default on nopass ~* +@all -@admin -@dangerous +lastsave

Which is correct but will have users wondering about why LASTSAVE has
something special.

Since LASTSAVE after all also leaks information about the underlying
server configuration, that may not be great for SAAS vendors, let's tag
it as dangerous as well and forget about this issue :-)
This commit is contained in:
antirez 2019-02-13 16:30:44 +01:00
parent fb7bfc17cd
commit e819c2ef5b
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/server.c
View File

@ -658,7 +658,7 @@ struct redisCommand redisCommandTable[] = {
0,NULL,0,0,0,0,0,0},
{"lastsave",lastsaveCommand,1,
"read-only random fast @admin",
"read-only random fast @admin @dangerous",
0,NULL,0,0,0,0,0,0},
{"type",typeCommand,2,