Agree on that Guozhang, that we should be careful with these behavioral changes
But I asked as it is defaulting jmx-ssl-enable and jmx-auth-prop to false and that way maintaining the behavior and any user upgrading to bug-fix shouldn't see any change regarding JMX unless they enable those flags explicitly This bugfix is really a huge deal from a security/monitoring perspective On 2019/05/11 01:34:53, Guozhang Wang <wangg...@gmail.com> wrote: > Hello, > > For any changes that is KIP-related we usually would not cherry-pick to old > bug-fix releases since they usually means API changes, like new configs. On > the other hand users upgrading to bug-fix releases are not expecting to see > any behavioral or public API changes. > > > Guozhang > > > On Fri, May 10, 2019 at 9:54 AM zmaliksh...@gmail.com <zmaliksh...@gmail.com> > wrote: > > > Hi, > > > > thanks for providing a fix for KIP-417 that enables a secure connection to > > RMI port. > > > > This is really a good fix from the security point of view and would be > > nice to backport to the 2.2.1 > > > > Is that planned already? > > > > > -- > -- Guozhang >
