[DISCUSS] Review process

2017-12-17 Thread Jongyoul Lee
Hi committers,

I want to suggest one thing about our reviewing process. We have the policy
to wait for one day before merging some PRs. AFAIK, it's because we reduce
mistakes and prevent abuses from committing by owner without reviewing it
concretely. I would like to change this policy to remove delay after
merging it. Recently, we don't have many reviewers and committers who can
merge continuously, and in my case, I sometimes forget some PRs that I
have to merge. And I also believe all committers have consensus on how to
review and merge contributions.

What do you think of it?

JL

-- 
이종열, Jongyoul Lee, 李宗烈
http://madeng.net


Re: [DISCUSS] Change some default settings for avoiding unintended usages

2017-12-17 Thread Jongyoul Lee
Agreed. Supporting container services must be good and I like this idea,
but I don't think it's directly part of this issue. Let's talk about
this issue in another email.

I want to talk about enabling authentication by default. If it's enabled,
we should log in with admin/password1 at the beginning. What do you think of it?

On Sat, Dec 2, 2017 at 1:57 AM, Felix Cheung wrote:

> I’d +1 docker or container support (mesos, dc/os, k8s)
>
> But I think that they are separate things. If users are authenticated and
> interpreter is impersonating each user, the risk of system disruption
> should be low. This is typically how to secure things in a system, through
> user directory (eg LDAP) and access control (normal user can’t sudo and
> delete everything).
>
> Thought?
>
> From: Jeff Zhang 
> Sent: Thursday, November 30, 2017 11:51 PM
>
> Subject: Re: [DISCUSS] Change some default settings for avoiding
> unintended usages
> To: 
> Cc: users 
>
>
>
> +1 for running interpreter process in docker container.
>
>
>
> On Fri, Dec 1, 2017 at 3:36 PM, Jongyoul Lee wrote:
>
>> Yes, exactly, this is not only the shell interpreter problem, all can run
>> any script through python and Scala. Shell is just an example.
>>
>> Using docker looks good but it cannot avoid unintended usage of resources
>> like mining coin.
>>
>> On Fri, Dec 1, 2017 at 2:36 PM, Felix Cheung wrote:
>>
>> > I don’t think that’s limited to the shell interpreter.
>> >
>> > You can run any arbitrary program or script from python or Scala (or
>> > java) as well.
>> >
>> > From: Jeff Zhang 
>> > Sent: Wednesday, November 29, 2017 4:00 PM
>> > Subject: Re: [DISCUSS] Change some default settings for avoiding
>> > unintended usages
>> > To: 
>> > Cc: users 
>> >
>> >
>> >
>> > Shell interpreter is a black hole for security, usually we don't
>> > recommend or allow user to use shell.
>> >
>> > We may need to refactor the shell interpreter, running under zeppelin
>> > user is too dangerous.
>> >
>> >
>> >
>> >
>> >
>> > On Wed, Nov 29, 2017 at 11:44 PM, Jongyoul Lee wrote:
>> >
>> > > Hi, users and dev,
>> > >
>> > > Recently, I've got an issue about the abnormal usage of some
>> > > interpreters.
>> > > Zeppelin's users can access shell by shell and python interpreters. It
>> > > means all users can run or execute what they want even if it harms the
>> > > system. Thus I agree that we need to change some default settings to
>> > > prevent this kind of abusing situation. Before we proceed to do it, I
>> > > want to listen to others' opinions.
>> > >
>> > > Feel free to reply to this email
>> > >
>> > > Regards,
>> > > Jongyoul
>> > >
>> > > --
>> > > 이종열, Jongyoul Lee, 李宗烈
>> > > http://madeng.net
>> > >
>> >
>> >
>> >
>>
>>
>> --
>> 이종열, Jongyoul Lee, 李宗烈
>> http://madeng.net
>>
>
>
>


-- 
이종열, Jongyoul Lee, 李宗烈
http://madeng.net