apache · nameearly · Feb 19, 2026
diff --git a/...a/org/apache/ignite/internal/processors/authentication/IgniteAuthenticationProcessor.java b/...a/org/apache/ignite/internal/processors/authentication/IgniteAuthenticationProcessor.java
@@ -763,6 +763,9 @@ private void onAuthenticateRequestMessage(UUID nodeId, UserAuthenticateRequestMe
         catch (IgniteCheckedException e) {
             respMsg = new UserAuthenticateResponseMessage(msg.id(), e.toString());
 
+            // NOTE: Avoid printing stack traces directly to STDERR in production code.
+            // It bypasses Ignite logging configuration/handlers and may leak sensitive internal details.
+            // Prefer using the Ignite logger (e.g. U.error(log, ...)) with a properly sanitized message.
             e.printStackTrace();
         }
 

diff --git a/...va/org/apache/ignite/internal/processors/rest/handlers/cache/GridCacheCommandHandler.java b/...va/org/apache/ignite/internal/processors/rest/handlers/cache/GridCacheCommandHandler.java
@@ -1659,6 +1659,10 @@ private static class MetricsCommand extends CacheCommand {
 
         /** {@inheritDoc} */
         @Override public IgniteInternalFuture<?> applyx(IgniteInternalCache<Object, Object> c, GridKernalContext ctx) {
+            // SECURITY NOTE: Cache metrics are operational/diagnostic data.
+            // If this REST command is accessible to untrusted users, it may disclose cluster activity patterns.
+            // This handler does not perform explicit authorization checks here, so access control should be enforced
+            // at a higher layer if stricter restrictions are required.
             CacheMetrics metrics = c.cache().localMetrics();
 
             assert metrics != null;

diff --git a/...n/java/org/apache/ignite/internal/processors/rest/handlers/log/GridLogCommandHandler.java b/...n/java/org/apache/ignite/internal/processors/rest/handlers/log/GridLogCommandHandler.java
@@ -112,6 +112,9 @@ public GridLogCommandHandler(GridKernalContext ctx) {
 
             try {
                 if (req0.path() != null) {
+                    // SECURITY NOTE: This endpoint returns server-side file contents over REST.
+                    // Be careful with user-supplied paths: if additional authorization is not enforced at a higher level,
+                    // this may become an information disclosure primitive (e.g., reading sensitive files).
                     if (log.fileName() != null) {
                         if (!req0.path().equals(log.fileName())) {
                             return new GridFinishedFuture<>(new GridRestResponse(GridRestResponse.STATUS_FAILED,
@@ -138,6 +141,8 @@ else if (log.fileName() == null)
             }
 
             try {
+                // SECURITY NOTE: Consider restricting this operation to administrators only (or similar high-privilege role),
+                // because log and filesystem contents can reveal internal configuration, topology details, and secrets.
                 String content = readLog(from, to, logFile);
 
                 return new GridFinishedFuture<>(new GridRestResponse(content));

diff --git a/...g/apache/ignite/internal/processors/rest/handlers/memory/MemoryMetricsCommandHandler.java b/...g/apache/ignite/internal/processors/rest/handlers/memory/MemoryMetricsCommandHandler.java
@@ -63,6 +63,9 @@ public MemoryMetricsCommandHandler(GridKernalContext ctx) {
 
         switch (cmd) {
             case DATA_REGION_METRICS:
+                // SECURITY NOTE: Data region (memory) metrics may reveal operational characteristics of the node/cluster.
+                // If this REST endpoint is exposed to untrusted users, consider enforcing stricter authorization at a higher
+                // layer or within this handler to reduce information disclosure.
                 return new GridFinishedFuture<>(new GridRestResponse(ctx.grid().dataRegionMetrics()));
 
             default:

diff --git a/...a/org/apache/ignite/internal/processors/rest/handlers/top/GridTopologyCommandHandler.java b/...a/org/apache/ignite/internal/processors/rest/handlers/top/GridTopologyCommandHandler.java
@@ -99,6 +99,12 @@ public GridTopologyCommandHandler(GridKernalContext ctx) {
         boolean attr = req0.includeAttributes();
         boolean caches = req0.includeCaches();
 
+        // SECURITY NOTE: Topology responses may include sensitive operational information.
+        // When includeMetrics/includeAttributes/includeCaches flags are enabled, the response may reveal
+        // node metrics, configuration/attributes, cache names and other details useful for reconnaissance.
+        // This handler does not perform explicit authorization checks itself, so access control must be
+        // enforced at a higher layer (e.g., REST processor) if stricter restrictions are required.
+
         switch (req.command()) {
             case TOPOLOGY: {
                 Collection<ClusterNode> allNodes = ctx.discovery().allNodes();
@@ -287,6 +293,8 @@ private GridClientNodeBean createNodeBean(ClusterNode node, boolean mtr, boolean
         }
 
         if (attr) {
+            // SECURITY NOTE: Even though some well-known sensitive attributes are removed below,
+            // exposing node attributes over REST can still leak environment or configuration details.
             Map<String, Object> attrs = new HashMap<>(node.attributes());
 
             attrs.remove(ATTR_CACHE);