Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

api: Explain security constraints of ATTR_AUTHORITY_OVERRIDE #9281

Merged
merged 2 commits into from Jun 22, 2022
Merged

api: Explain security constraints of ATTR_AUTHORITY_OVERRIDE #9281

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
346a96c
api: Explain security constraints of ATTR_AUTHORITY_OVERRIDE
ejona86 Jun 15, 2022
da5e905
Comma
ejona86 Jun 22, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
5 changes: 5 additions & 0 deletions api/src/main/java/io/grpc/EquivalentAddressGroup.java
View file
Open in desktop
Expand Up @@ -40,6 +40,11 @@ public final class EquivalentAddressGroup {
* However, if the channel has overridden authority via
* {@link ManagedChannelBuilder#overrideAuthority(String)}, the transport will use the channel's
* authority override.
*
* <p>The authority <strong>must</strong> be from a trusted source, because if the authority is
* tampered with RPCs may be sent to attackers which may leak sensitive user data. If the
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"tampered with, RPCs may be..."

* authority was acquired by doing I/O, the communication must be authenticated (e.g., via TLS).
* Recognize that the server that provided the authority can trivially impersonate the service.
*/
@Attr
@ExperimentalApi("https://github.com/grpc/grpc-java/issues/6138")
Expand Down