From bd034485d7e3a4a8c4d42998c99f337550dc1ec6 Mon Sep 17 00:00:00 2001 From: Alan Guo Xiang Tan Date: Fri, 17 Dec 2021 14:24:32 +0800 Subject: [PATCH] SECURITY: Disable MessageBus::Diagnostics. MessageBus::Diagnostics allows anyone with access to carry out certain operations that may result in a denial of service. The impact of this is greater on multisite clusters. --- config/initializers/004-message_bus.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/config/initializers/004-message_bus.rb b/config/initializers/004-message_bus.rb index f560ad2a320..70c7c786328 100644 --- a/config/initializers/004-message_bus.rb +++ b/config/initializers/004-message_bus.rb @@ -130,7 +130,6 @@ else end MessageBus.cache_assets = !Rails.env.development? -MessageBus.enable_diagnostics if Rails.env == "test" || $0 =~ /rake$/ # disable keepalive in testing