[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[netCDF #TMR-458993]: Failure to handle GDS server-side analysis URL with netcdf 4.3.2
This archive contains answers to questions sent to Unidata support through mid-2025. Note that the archive is no longer being updated. We provide the archive for reference; many of the answers presented here remain technically correct, even if somewhat outdated. For the most up-to-date information on the use of NSF Unidata software and data services, please consult the Software Documentation first.
- Subject: [netCDF #TMR-458993]: Failure to handle GDS server-side analysis URL with netcdf 4.3.2
- Date: Mon, 07 Jul 2014 09:53:32 -0600
>It is just not practical for us to put out a new release of GDS with one patch >that > makes the host of the server more vulnerable in order to accommodate a new > performance > feature in the netcdf library. I do not understand how disabling the requirement that every request have a constraint is a security issue? Even with this requirement in place, I can access the whole dataset by specifying every top-level variable in a query. Can you elaborate on how turning off this requirement makes the server more vulnerable? Is there history here of which I am unaware? The other issue, is, of course, the pain of issuing a new version of grads, and I understand that perfectly. We don't issue new versions of netcdf lightly either. =Dennis Heimbigner Unidata Ticket Details =================== Ticket ID: TMR-458993 Department: Support netCDF Priority: Urgent Status: Closed
- Prev by Date: [netCDF #TMR-458993]: Failure to handle GDS server-side analysis URL with netcdf 4.3.2
- Next by Date: [netCDF #TMR-458993]: Failure to handle GDS server-side analysis URL with netcdf 4.3.2
- Previous by thread: [netCDF #TMR-458993]: Failure to handle GDS server-side analysis URL with netcdf 4.3.2
- Next by thread: [netCDF #TMR-458993]: Failure to handle GDS server-side analysis URL with netcdf 4.3.2
- Index(es):