You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We need to add some more checks for node IDs in order to make them more robust and avoid nodes being able to steal away an ID from another node.
Enforce that node IDs are either empty or proper UUIDs in /v1/catalog/register. The UUID field index will ensure this, but the feedback to the users won't be friendly, so it's better to validate it early.
When a node is being registered, look for an existing node by that ID. If no node exists, then add the new node. If an existing node is found, reject the change unless the node name is the same as well. If we don't do this, registrations can steal away the ID from another node. You'll need to deregister the other node first.
The text was updated successfully, but these errors were encountered:
We need to add some more checks for node IDs in order to make them more robust and avoid nodes being able to steal away an ID from another node.
Enforce that node IDs are either empty or proper UUIDs in /v1/catalog/register. The UUID field index will ensure this, but the feedback to the users won't be friendly, so it's better to validate it early.
When a node is being registered, look for an existing node by that ID. If no node exists, then add the new node. If an existing node is found, reject the change unless the node name is the same as well. If we don't do this, registrations can steal away the ID from another node. You'll need to deregister the other node first.
The text was updated successfully, but these errors were encountered: