[jira] [Updated] (ZOOKEEPER-2014) Only admin should be allowed to reconfig a cluster

Wed, 20 Aug 2014 21:06:56 -0700 

     [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2014?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Raul Gutierrez Segales updated ZOOKEEPER-2014:
----------------------------------------------

    Description: 
ZOOKEEPER-107 introduces reconfiguration support via the reconfig() call. We 
should, at the very least, ensure that only the Admin can reconfigure a 
cluster. Perhaps restricting access to /zookeeper/config as well, though this 
is debatable. Surely one could ensure Admin only access via an ACL, but that 
would leave everyone who doesn't use ACLs unprotected. We could also force a 
default ACL to make it a bit more consistent (maybe).

Finally, making reconfig() only available to Admins means they have to run with 
zookeeper.DigestAuthenticationProvider.superDigest (which I am not sure if 
everyone does, or how would it work with other authentication providers). 

  was:ZOOKEEPER-107 introduces reconfiguration support by modifying 
/zookeeper/config. We should ensure that only the Admin can reconfigure a 
cluster.


> Only admin should be allowed to reconfig a cluster
> --------------------------------------------------
>
>                 Key: ZOOKEEPER-2014
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2014
>             Project: ZooKeeper
>          Issue Type: Bug
>          Components: server
>    Affects Versions: 3.5.0
>            Reporter: Raul Gutierrez Segales
>            Assignee: Raul Gutierrez Segales
>            Priority: Blocker
>
> ZOOKEEPER-107 introduces reconfiguration support via the reconfig() call. We 
> should, at the very least, ensure that only the Admin can reconfigure a 
> cluster. Perhaps restricting access to /zookeeper/config as well, though this 
> is debatable. Surely one could ensure Admin only access via an ACL, but that 
> would leave everyone who doesn't use ACLs unprotected. We could also force a 
> default ACL to make it a bit more consistent (maybe).
> Finally, making reconfig() only available to Admins means they have to run 
> with zookeeper.DigestAuthenticationProvider.superDigest (which I am not sure 
> if everyone does, or how would it work with other authentication providers). 



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to