Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

cli: don't allow empty coordinator policy hash #270

Merged
merged 2 commits into from
Mar 21, 2024

Conversation

burgerdev
Copy link
Contributor

contrast used to allow setting an empty coordinator policy hash on the command-line, which resulted in the policy hash not being checked at all. This was intended as a development feature, but the chances of accidental misuse are too high, thus we're requiring a policy hash to be present. It's still possible to accept untrusted policies by overriding with the actual hash of the deployed coordinator without verifying it.

@burgerdev burgerdev added the bug fix Fixing a user facing bug label Mar 20, 2024
@burgerdev burgerdev requested a review from katexochen as a code owner March 20, 2024 15:22
@burgerdev burgerdev requested a review from malt3 March 20, 2024 15:22
@burgerdev burgerdev force-pushed the burgerdev/no-empty-policy-hash branch from 1da77f2 to 879d524 Compare March 20, 2024 15:41
@burgerdev burgerdev force-pushed the burgerdev/no-empty-policy-hash branch from 879d524 to 501a8c9 Compare March 20, 2024 16:07
@burgerdev burgerdev merged commit 6f71293 into main Mar 21, 2024
7 checks passed
@burgerdev burgerdev deleted the burgerdev/no-empty-policy-hash branch March 21, 2024 07:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug fix Fixing a user facing bug
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants