ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Public groups in default policies
Date Wed, 17 Oct 2018 16:18:02 GMT
Hi all,

I was testing the new support for Kafka 2.0.0 in the Ranger master code - I
was surprised to see that when you create a new Kafka resource, that the
default policies all are associated with the "public" group. That means
that using the default policies anyone is authorized to publish/consumer
from a topic, etc.

I think it would be more secure if the default policies we associate with a
resource are associated only with the admin user specified when creating
the resource, and not the public group.

Colm.


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message