Thanks, Mike. I implemented and tested the second option and so far it
appears to be working great.

A side note: It’s a bit surprising CF allows names like api and uaa when
the platform is using the same domain considering, theoretically, a user
could create apps and routes for those services and capture sensitive info.

-Mike

On Jun 15, 2015, at 2:32 PM, Mike Youngstrom <youngm(a)gmail.com> wrote:

Two thoughts:
* Put your private system domain in an Org that users you don't trust
won't have access to.
* Create routes without an app for the names you wish to "reserve"

Mike


On Mon, Jun 15, 2015 at 3:30 PM, Mike Jacobi <jacobi(a)adobe.com> wrote:

It appears users can create their own routes named the same as critical
endpoints such as api, doppler, loggregator, uaa, etc. In fact, I just
created an app with routes doppler and loggregator and the platform did
nothing to prevent me from doing so. The “cf logs” behavior was then
unpredictable.



Is there some way to prevent this? Am I missing something?



Thanks,

Mike

_______________________________________________
cf-dev mailing list
cf-dev(a)lists.cloudfoundry.org
https://lists.cloudfoundry.org/mailman/listinfo/cf-dev

_______________________________________________
cf-dev mailing list
cf-dev(a)lists.cloudfoundry.org
https://lists.cloudfoundry.org/mailman/listinfo/cf-dev



_______________________________________________
cf-dev mailing list
cf-dev(a)lists.cloudfoundry.org
https://lists.cloudfoundry.org/mailman/listinfo/cf-dev