启用 gRPC 服务器反射的性能和安全影响

huangapple go评论58阅读模式
英文:

Performance & security impact of enabling grpc server reflection

问题

我想知道启用服务器反射会对服务器性能产生什么影响,以及是否存在与之相关的安全问题。

英文:

I want to know what would be the impact on performance of server on enabling server reflection & if there are any security concerns with it.

答案1

得分: 2

Reflection服务不会影响性能,除了用于跟踪反射数据的内存之外。根据语言/实现方式的不同,反射服务可以转储二进制中使用的任何protobuf描述符(不包括注释)。是否应该担心这一点取决于您的环境和服务。

通常情况下,内部服务会一直启用它。当您有一个反向代理根据路径联系多个服务时,该服务通常不会暴露,除非您需要一个智能实现,该实现将多个后端的结果与代理的配置结合起来。

英文:

Reflection service couldn't impact performance, other than the memory it uses to track the reflection data. Depending on the language/implementation, the reflection service may be able to dump protobuf descriptors (which does not include comments) for any protobuf used in the binary. Whether that is a concern depends on your environment and service.

It is common to have it enabled all-the-time for internal services. When you have a reverse proxy that contacts multiple services depending on the path, the service is generally not exposed as you'd need a smart implementation that combines results from multiple backends and the proxy's configuration.

huangapple
  • 本文由 发表于 2023年1月9日 11:25:02
  • 转载请务必保留本文链接:https://go.coder-hub.com/75052916.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定