Return-Path: <dev-return-60458-archive-asf-public=cust-asf.ponee.io@zookeeper.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 9ADDF200CA7
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Wed, 31 May 2017 01:32:10 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id 9955A160BE2; Tue, 30 May 2017 23:32:10 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id DECFF160BC9
	for <archive-asf-public@cust-asf.ponee.io>; Wed, 31 May 2017 01:32:09 +0200 (CEST)
Received: (qmail 3311 invoked by uid 500); 30 May 2017 23:32:08 -0000
Mailing-List: contact dev-help@zookeeper.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@zookeeper.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@zookeeper.apache.org>
List-Post: <mailto:dev@zookeeper.apache.org>
List-Id: <dev.zookeeper.apache.org>
Reply-To: dev@zookeeper.apache.org
Delivered-To: mailing list dev@zookeeper.apache.org
Received: (qmail 3156 invoked by uid 99); 30 May 2017 23:32:08 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 30 May 2017 23:32:08 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 3CD9CC2077
	for <dev@zookeeper.apache.org>; Tue, 30 May 2017 23:32:08 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -99.202
X-Spam-Level: 
X-Spam-Status: No, score=-99.202 tagged_above=-999 required=6.31
	tests=[KAM_ASCII_DIVIDERS=0.8, RP_MATCHES_RCVD=-0.001,
	SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=disabled
Received: from mx1-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024)
	with ESMTP id ZrJLubDpHPPG for <dev@zookeeper.apache.org>;
	Tue, 30 May 2017 23:32:07 +0000 (UTC)
Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139])
	by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 6966D5F47A
	for <dev@zookeeper.apache.org>; Tue, 30 May 2017 23:32:07 +0000 (UTC)
Received: from jira-lw-us.apache.org (unknown [207.244.88.139])
	by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id BCA0BE0D87
	for <dev@zookeeper.apache.org>; Tue, 30 May 2017 23:32:06 +0000 (UTC)
Received: from jira-lw-us.apache.org (localhost [127.0.0.1])
	by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 32D9B21D62
	for <dev@zookeeper.apache.org>; Tue, 30 May 2017 23:32:05 +0000 (UTC)
Date: Tue, 30 May 2017 23:32:05 +0000 (UTC)
From: "ASF GitHub Bot (JIRA)" <jira@apache.org>
To: dev@zookeeper.apache.org
Message-ID: <JIRA.13070426.1494338584000.326024.1496187125205@Atlassian.JIRA>
In-Reply-To: <JIRA.13070426.1494338584000@Atlassian.JIRA>
References: <JIRA.13070426.1494338584000@Atlassian.JIRA> <JIRA.13070426.1494338584497@jira-lw-us.apache.org>
Subject: [jira] [Commented] (ZOOKEEPER-2779) Add option to not set ACL for
 reconfig node
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394
archived-at: Tue, 30 May 2017 23:32:10 -0000


    [ https://issues.apache.org/jira/browse/ZOOKEEPER-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16030360#comment-16030360 ] 

ASF GitHub Bot commented on ZOOKEEPER-2779:
-------------------------------------------

Github user hanm commented on a diff in the pull request:

    https://github.com/apache/zookeeper/pull/249#discussion_r119240556
  
    --- Diff: src/docs/src/documentation/content/xdocs/zookeeperReconfig.xml ---
    @@ -338,7 +338,10 @@ server.3=125.23.63.25:2782:2785:participant</programlisting>
             environment (i.e. behind company firewall). For those users who want to use reconfiguration feature but
             don't want the overhead of configuring an explicit list of authorized user for reconfig access checks,
             they can set <ulink url="zookeeperAdmin.html#sc_authOptions">"skipACL"</ulink> to "yes" which will
    -        skip ACL check and allow any user to reconfigure cluster.
    +        skip ACL check and allow any user to reconfigure cluster. A more secure mechanism is also provided.
    --- End diff --
    
    Please remove the "A more secure mechanism is also provided." This approach is no safer than the offline superuser approach per discussion in JIRA. 


> Add option to not set ACL for reconfig node
> -------------------------------------------
>
>                 Key: ZOOKEEPER-2779
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2779
>             Project: ZooKeeper
>          Issue Type: Improvement
>          Components: server
>    Affects Versions: 3.5.3
>            Reporter: Jordan Zimmerman
>            Assignee: Jordan Zimmerman
>             Fix For: 3.5.4, 3.6.0
>
>
> ZOOKEEPER-2014 changed the behavior of the /zookeeper/config node by setting the ACL to {{ZooDefs.Ids.READ_ACL_UNSAFE}}. This change makes it very cumbersome to use the reconfig APIs. It also, perversely, makes security worse as the entire ZooKeeper instance must be opened to "super" user while enabled reconfig (per {{ReconfigExceptionTest.java}}). Provide a mechanism for savvy users to disable this ACL so that an application-specific custom ACL can be set.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)