michaeljmarshall commented on PR #19832: URL: https://github.com/apache/pulsar/pull/19832#issuecomment-1478002193
> Regarding stateStore, you're basically saying they didn't take into consideration the security aspects of multi-tenancy, since that interface allows consuming any state by any tenant. > > So permissions across tenants. Any other aspect relarted to multi-tenancy with examples? This touches on a deep question about what _is_ multi-tenancy. I've been thinking about this the past week, and I think the most tangible aspect of multi-tenancy is the ability to "impact" another tenant where impact is quite general. The most obvious impact is directly operating on another tenant's resources. Permissions/authorization prevent one tenant from performing actions on another tenant. The next impact is resource utilization, or the noisy neighbor problem. We generally have rate limits to solve this problem, though we only really have rate limits at the topic level. I'm not sure this problem goes much beyond rate limits, though. Perhaps multi-tenancy is just a subpoint under the security concerns section? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
