Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Manually destroying a proc leaves routing in place #200

Open
ghost opened this issue Aug 9, 2016 · 0 comments
Open

Manually destroying a proc leaves routing in place #200

ghost opened this issue Aug 9, 2016 · 0 comments

Comments

@ghost
Copy link

ghost commented Aug 9, 2016

Originally reported by: Jason R. Coombs (Bitbucket: jaraco, GitHub: jaraco)


When one manually destroys a proc in a routed swarm, the routing is unchanged. The load balancer will handle the absence of that proc (assuming there are other procs to handle the load), but if another proc begins to listen on that port, the load balancer will once again route traffic to it. If that proc is from a different app, this can cause unexpected errors or unintended information disclosure (such as when one dispatches my_super_secret_app but traffic intended for everybody_wiki is routed to the sensitive app) or worse.

The first mitigation is to document this behavior here to capture the issue, remind our users that the issue exists, and act accordingly (basically, anytime you manually destroy a proc from a swarm, you should promptly dispatch that swarm).


Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

0 participants