flink-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FLINK-5818) change checkpoint dir permission to 700 for security reason
Date Wed, 01 Mar 2017 01:36:45 GMT

    [ https://issues.apache.org/jira/browse/FLINK-5818?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15889284#comment-15889284

ASF GitHub Bot commented on FLINK-5818:

Github user EronWright commented on the issue:

    @WangTaoTheTonic can you elaborate on the multi-user scenario that you have in mind? 
Keep in mind that a given Flink cluster doesn't provide any isolation between jobs in that
cluster.   So it wouldn't be meaningful to have different permissions for each job.

> change checkpoint dir permission to 700 for security reason
> -----------------------------------------------------------
>                 Key: FLINK-5818
>                 URL: https://issues.apache.org/jira/browse/FLINK-5818
>             Project: Flink
>          Issue Type: Sub-task
>          Components: Security, State Backends, Checkpointing
>            Reporter: Tao Wang
>            Assignee: Tao Wang
> Now checkpoint directory is made w/o specified permission, so it is easy for another
user to delete or read files under it, which will cause restore failure or information leak.
> It's better to lower it down to 700.

This message was sent by Atlassian JIRA

View raw message