author: antirez <antirez@gmail.com> 2012-03-21 12:26:05 +0100
committer: antirez <antirez@gmail.com> 2012-03-21 12:26:05 +0100
commit: ba864e09d4e24c405ab44ac273381bfdbafff3fd
tree: df4af126b08fc87cb5430b01ad218808577ae1f6 /redis.conf
parent: b22eab8faff94b36ff1474c7e9567778f54e79d5
Comments about security of slave-read-only in redis.conf.
Diffstat (limited to 'redis.conf')
-rw-r--r-- redis.conf 10
1 files changed, 9 insertions, 1 deletions
diff --git a/redis.conf b/redis.conf
index 8396a6a47..1b79e09ef 100644
--- a/redis.conf
+++ b/redis.conf
@@ -159,9 +159,17 @@ slave-serve-stale-data yes
# You can configure a slave instance to accept writes or not. Writing against
# a slave instance may be useful to store some ephemeral data (because data
# written on a slave will be easily deleted after resync with the master) but
-# may also cause problems if clients are writing to it for an error.
+# may also cause problems if clients are writing to it because of a
+# misconfiguration.
#
# Since Redis 2.6 by default slaves are read-only.
+#
+# Note: read only slaves are not designed to be exposed to untrusted clients
+# on the internet. It's just a protection layer against misuse of the instance.
+# Still a read only slave exports by default all the administrative commands
+# such as CONFIG, DEBUG, and so forth. To a limited extend you can improve
+# security of read only slaves using 'rename-command' to shadow all the
+# administrative / dangerous commands.
slave-read-only yes
# Slaves send PINGs to server in a predefined interval. It's possible to change
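Review bot: typo in the added note, "To a limited extend you can improve" should read "To a limited extent you can improve". The same note writes "read only slaves" (twice) while the unchanged line just above it says "by default slaves are read-only"; use the hyphenated form throughout. The note recommends 'rename-command' for "all the administrative / dangerous commands" but names only CONFIG and DEBUG followed by "and so forth", and shows no sample line. A commented example for one of the named commands, plus a pointer to where the rest of the commands to shadow are listed, would let an operator act on the advice without guessing.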