Jake created ZEPPELIN-3995:
------------------------------
Summary: How to lock down sh, other OS access?
Key: ZEPPELIN-3995
URL: https://issues.apache.org/jira/browse/ZEPPELIN-3995
Project: Zeppelin
Issue Type: Bug
Components: zeppelin-server
Affects Versions: 0.8.1
Reporter: Jake
I'm running Zeppelin in docker based on the image on docker hub. I've noticed
that the sh interpreter, and I guess all others, have access to the
configuration files. For example I'm able to change the notebook permissions
file using the sh interpreter. This is clearly a problem. Is there a way to
change what user the interpreters, i guess, run as which won't have permissions
to change the application's configuration? Otherwise, there really isn't any
notebook security, right?
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
