I was wondering if the replyTo queue should be exclusive by default.
If it remains without exclusive it could open attackspace. Surely, it's a really rare occurance but still possible.
The exclusive flag should deny any access from someone else than the creator of the queue so nobody would be able to install a queue hook there.
What are your thoughts on this?
I tried to implement this but many tests fail in the after/before steps and I couldn't figure out how to fix it fastly. But the change smells like you would like to think about it so I figured it makes more sense to wait for your reply.
Hey there,
I was wondering if the replyTo queue should be
exclusiveby default. If it remains withoutexclusiveit could open attackspace. Surely, it's a really rare occurance but still possible.The
exclusiveflag should deny any access from someone else than the creator of the queue so nobody would be able to install a queue hook there.What are your thoughts on this?
I tried to implement this but many tests fail in the after/before steps and I couldn't figure out how to fix it fastly. But the change smells like you would like to think about it so I figured it makes more sense to wait for your reply.