zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ZOOKEEPER-2779) Add option to not set ACL for reconfig node
Date Thu, 01 Jun 2017 13:22:04 GMT

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-2779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16032961#comment-16032961
] 

ASF GitHub Bot commented on ZOOKEEPER-2779:
-------------------------------------------

Github user Randgalt commented on a diff in the pull request:

    https://github.com/apache/zookeeper/pull/249#discussion_r119611508
  
    --- Diff: src/docs/src/documentation/content/xdocs/zookeeperReconfig.xml ---
    @@ -338,7 +338,10 @@ server.3=125.23.63.25:2782:2785:participant</programlisting>
             environment (i.e. behind company firewall). For those users who want to use reconfiguration
feature but
             don't want the overhead of configuring an explicit list of authorized user for
reconfig access checks,
             they can set <ulink url="zookeeperAdmin.html#sc_authOptions">"skipACL"</ulink>
to "yes" which will
    -        skip ACL check and allow any user to reconfigure cluster.
    +        skip ACL check and allow any user to reconfigure cluster. A more secure mechanism
is also provided.
    --- End diff --
    
    I removed it - however, the sentence was referring to the "offline" superuser approach
as being more secure.


> Add option to not set ACL for reconfig node
> -------------------------------------------
>
>                 Key: ZOOKEEPER-2779
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2779
>             Project: ZooKeeper
>          Issue Type: Improvement
>          Components: server
>    Affects Versions: 3.5.3
>            Reporter: Jordan Zimmerman
>            Assignee: Jordan Zimmerman
>             Fix For: 3.5.4, 3.6.0
>
>
> ZOOKEEPER-2014 changed the behavior of the /zookeeper/config node by setting the ACL
to {{ZooDefs.Ids.READ_ACL_UNSAFE}}. This change makes it very cumbersome to use the reconfig
APIs. It also, perversely, makes security worse as the entire ZooKeeper instance must be opened
to "super" user while enabled reconfig (per {{ReconfigExceptionTest.java}}). Provide a mechanism
for savvy users to disable this ACL so that an application-specific custom ACL can be set.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message