zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Han (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ZOOKEEPER-2779) Add option to not set ACL for reconfig node
Date Tue, 30 May 2017 16:53:04 GMT

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16029708#comment-16029708
] 

Michael Han commented on ZOOKEEPER-2779:
----------------------------------------

The current approach does not require a client to set the ACL. The ACL on the config node
is set when ZK server is started by the server itself. And the superuser is configured at
server start up. So there is no configuration changes after server is started, thus it is
offline.

> Add option to not set ACL for reconfig node
> -------------------------------------------
>
>                 Key: ZOOKEEPER-2779
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2779
>             Project: ZooKeeper
>          Issue Type: Improvement
>          Components: server
>    Affects Versions: 3.5.3
>            Reporter: Jordan Zimmerman
>            Assignee: Jordan Zimmerman
>             Fix For: 3.5.4, 3.6.0
>
>
> ZOOKEEPER-2014 changed the behavior of the /zookeeper/config node by setting the ACL
to {{ZooDefs.Ids.READ_ACL_UNSAFE}}. This change makes it very cumbersome to use the reconfig
APIs. It also, perversely, makes security worse as the entire ZooKeeper instance must be opened
to "super" user while enabled reconfig (per {{ReconfigExceptionTest.java}}). Provide a mechanism
for savvy users to disable this ACL so that an application-specific custom ACL can be set.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message