Github user PuspenduBanerjee commented on the issue:
https://github.com/apache/nifi/pull/1551
Additionally, can we provide a script, that a sysadmin can use to audit and
report any discrepancy in permissions ?
---
If your project is set up for it, you can reply to this email and
Github user trixpan commented on the issue:
https://github.com/apache/nifi/pull/1551
@joewitt. Thanks for the comment. I will go through your notes and adjust
the PR accordingly.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub
Github user joewitt commented on the issue:
https://github.com/apache/nifi/pull/1551
It is prudent to restrict the ACLs of the files and directories we ship
with to their most conservative level possible. I'll refer to these as 'SA'
(shipped artifacts) for my comments below.
Github user trixpan commented on the issue:
https://github.com/apache/nifi/pull/1551
@joewitt thanks for your comments.
I understand your concerns but isn't the user change of the default
settings (we do ship with default location settings after all) a voluntary
action
Github user joewitt commented on the issue:
https://github.com/apache/nifi/pull/1551
@trixpan we cannot do this. Several of these directories are configurable
by the users and are subject to the selection of specific repository
implementations. We must avoid setting these.