2bethere commented on a change in pull request #11016:
URL: https://github.com/apache/druid/pull/11016#discussion_r600875125



##########
File path: docs/operations/security-overview.md
##########
@@ -23,66 +23,109 @@ title: "Security overview"
   -->
 
 
-## Overview
+
+This document provides an overview of Apache Druid security features, 
configuration instructions, and some best practices to secure Druid.
 
 By default, security features in Druid are disabled, which simplifies the 
initial deployment experience. However, security features must be configured in 
a production deployment. These features include TLS, authentication, and 
authorization.
 
-To implement Druid security, you configure authenticators and authorizers. 
Authenticators control the way user identities are verified, while authorizers 
map the authenticated users (via user roles) to the datasources they are 
permitted to access. Consequently, implementing Druid security also involves 
considering your datasource scheme, since that scheme represents the 
granularity at which data access permissions are allocated. 
 
-The following graphic depicts the course of request through the authentication 
process: 
+## Best practices
 
 
-![Druid security check flow](../assets/security-model-1.png "Druid security 
check flow") 
+* Run Druid as an unprivileged Unix user. Do not run Druid as the root user.
+   > **WARNING!** \
+   Druid administrator users have the same OS permissions as the Unix user 
account running Druid. If the Druid process is running under the OS root user 
account, then Druid administrators can read or write all files that the root 
account has access to, including sensitive files such as `/etc/passwd`.
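Review bot: the hunk removes the `## Overview` heading, the paragraph explaining authenticators versus authorizers (and that datasource granularity is where permissions are allocated), and the `../assets/security-model-1.png` diagram, with no replacement in the visible context; if that explanation is reinstated later in this +109-line hunk, fine, otherwise the page loses its only statement of how authentication and authorization relate, which the "Best practices" list below assumes the reader already knows, and the image asset becomes orphaned. A smaller point in the same region: the WARNING admonition under the first bullet carries `>` only on its first line, so the continuation lines render inside the blockquote only through lazy continuation; prefixing each wrapped line with `   > ` keeps the callout intact if the list item is later reflowed or split.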

Review comment:
   ```suggestion
   Users with write privileges to any data source are considered Druid 
administrators. Druid administrator users have the same OS permissions as the 
Unix user account running Druid. If the Druid process is running under the OS 
root user account, then Druid administrators can read or write all files that 
the root account has access to, including sensitive files such as `/etc/passwd`.
   ```




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]


